Submit a ticketCall us
Home > Success Center > Log & Event Manager (LEM) > LEM - Knowledgebase Articles > LEM Reports Console: Report list and associated event fields

LEM Reports Console: Report list and associated event fields

Table of contents

Updated January 4, 2019

Overview

This article lists each report and associated event fields.

 

Environment

  • LEM Reports Console

Detail

rpt2003-02-1.rpt - Authentication - Failed Authentication
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHSUSPICIOUS_1"."SOURCEACCOUNT", "AUTHSUSPICIOUS_1"."SOURCEMACHINE", "AUTHSUSPICIOUS_1"."DESTINATIONMACHINE", "FAILEDAUTHENTICATION_1"."FAILUREREASON", "FAILEDAUTHENTICATION_1"."AUTHPACKAGE", "FAILEDAUTHENTICATION_1"."DESTINATIONACCOUNT", "FAILEDAUTHENTICATION_1"."DESTINATIONDOMAIN", "FAILEDAUTHENTICATION_1"."DESTINATIONACCOUNTTYPE", "FAILEDAUTHENTICATION_1"."LOGONTYPE", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHSUSPICIOUS" "AUTHSUSPICIOUS_1", "PUBLIC"."PUBLIC"."FAILEDAUTHENTICATION" "FAILEDAUTHENTICATION_1" WHERE ("AUTHSUSPICIOUS_1"."UUID_"="FAILEDAUTHENTICATION_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FailedAuthentication' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-10.rpt - Authentication - Authentication Audit
 

SELECT "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'AuthAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-2.rpt - Authentication - Guest Login
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHSUSPICIOUS_1"."SOURCEACCOUNT", "AUTHSUSPICIOUS_1"."DESTINATIONMACHINE", "GUESTLOGIN_1"."AUTHPACKAGE", "GUESTLOGIN_1"."DESTINATIONACCOUNT", "GUESTLOGIN_1"."DESTINATIONDOMAIN", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHSUSPICIOUS" "AUTHSUSPICIOUS_1", "PUBLIC"."PUBLIC"."GUESTLOGIN" "GUESTLOGIN_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHSUSPICIOUS_1"."UUID_"="GUESTLOGIN_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'GuestLogin' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-3.rpt - Authentication - Restricted Information Attempt
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHSUSPICIOUS_1"."SOURCEACCOUNT", "AUTHSUSPICIOUS_1"."DESTINATIONMACHINE", "RESTRICTEDINFORMATIONATTEMPT_1"."INFORMATIONNAME", "RESTRICTEDINFORMATIONATTEMPT_1"."FAILUREREASON", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHSUSPICIOUS" "AUTHSUSPICIOUS_1", "PUBLIC"."PUBLIC"."RESTRICTEDINFORMATIONATTEMPT" "RESTRICTEDINFORMATIONATTEMPT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHSUSPICIOUS_1"."UUID_"="RESTRICTEDINFORMATIONATTEMPT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'RestrictedInformationAttempt' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-4.rpt - Authentication - Restricted Service Attempt
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHSUSPICIOUS_1"."SOURCEACCOUNT", "AUTHSUSPICIOUS_1"."DESTINATIONMACHINE", "RESTRICTEDSERVICEATTEMPT_1"."SERVICENAME", "RESTRICTEDSERVICEATTEMPT_1"."FAILUREREASON", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHSUSPICIOUS" "AUTHSUSPICIOUS_1", "PUBLIC"."PUBLIC"."RESTRICTEDSERVICEATTEMPT" "RESTRICTEDSERVICEATTEMPT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHSUSPICIOUS_1"."UUID_"="RESTRICTEDSERVICEATTEMPT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'RestrictedServiceAttempt' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-5.rpt - Authentication - User Log Off
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "USERLOGOFF_1"."LOGONTYPE", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGOFF" "USERLOGOFF_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERLOGOFF_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserLogoff' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-6-1.rpt - Authentication - User Log On by User
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "USERLOGON_1"."LOGONPROCESS", "USERLOGON_1"."AUTHPACKAGE", "USERLOGON_1"."LOGONTYPE", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGON" "USERLOGON_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("AUTHAUDIT_1"."UUID_"="USERLOGON_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserLogon' ORDER BY "AUTHAUDIT_1"."DESTINATIONACCOUNT", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-6-2.rpt - Authentication - Top User Log On by User
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "USERLOGON_1"."LOGONPROCESS", "USERLOGON_1"."AUTHPACKAGE", "USERLOGON_1"."LOGONTYPE", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGON" "USERLOGON_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERLOGON_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserLogon' ORDER BY "AUTHAUDIT_1"."DESTINATIONACCOUNT", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-6.rpt - Authentication - User Log On
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "USERLOGON_1"."LOGONPROCESS", "USERLOGON_1"."AUTHPACKAGE", "USERLOGON_1"."LOGONTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGON" "USERLOGON_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERLOGON_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserLogon' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-7-1.rpt - Authentication - User Log On Failure by User
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "USERLOGONFAILURE_1"."LOGONPROCESS", "USERLOGONFAILURE_1"."AUTHPACKAGE", "USERLOGONFAILURE_1"."LOGONTYPE", "USERLOGONFAILURE_1"."FAILUREREASON", "USERLOGONFAILURE_1"."FAILURECOUNT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGONFAILURE" "USERLOGONFAILURE_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERLOGONFAILURE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserLogonFailure' ORDER BY "AUTHAUDIT_1"."DESTINATIONACCOUNT", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-7-2.rpt - Authentication - Top User Log On Failure by User
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "USERLOGONFAILURE_1"."LOGONPROCESS", "USERLOGONFAILURE_1"."AUTHPACKAGE", "USERLOGONFAILURE_1"."LOGONTYPE", "USERLOGONFAILURE_1"."FAILUREREASON", "USERLOGONFAILURE_1"."FAILURECOUNT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGONFAILURE" "USERLOGONFAILURE_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERLOGONFAILURE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserLogonFailure' ORDER BY "AUTHAUDIT_1"."DESTINATIONACCOUNT", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-7.rpt - Authentication - User Log On Failure
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "USERLOGONFAILURE_1"."LOGONPROCESS", "USERLOGONFAILURE_1"."AUTHPACKAGE", "USERLOGONFAILURE_1"."LOGONTYPE", "USERLOGONFAILURE_1"."FAILUREREASON", "USERLOGONFAILURE_1"."FAILURECOUNT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGONFAILURE" "USERLOGONFAILURE_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERLOGONFAILURE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserLogonFailure' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-8.rpt - Authentication - TriGeo Authentication
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "INTERNALUSERLOGOFF_1"."SOURCEMACHINE", "INTERNALUSERLOGOFF_1"."INTERNALUSERNAME", "INTERNALUSERLOGONFAILURE_1"."SOURCEMACHINE", "INTERNALUSERLOGONFAILURE_1"."INTERNALUSERNAME", "INTERNALUSERLOGON_1"."SOURCEMACHINE", "INTERNALUSERLOGON_1"."INTERNALUSERNAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."INTERNALUSERLOGON" "INTERNALUSERLOGON_1", "PUBLIC"."PUBLIC"."INTERNALUSERLOGONFAILURE" "INTERNALUSERLOGONFAILURE_1", "PUBLIC"."PUBLIC"."INTERNALUSERLOGOFF" "INTERNALUSERLOGOFF_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="INTERNALUSERLOGON_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="INTERNALUSERLOGONFAILURE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="INTERNALUSERLOGOFF_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'InternalUserLogoff' OR "GENERICALERT_1"."ALERTID"=N'InternalUserLogon' OR "GENERICALERT_1"."ALERTID"=N'InternalUserLogonFailure') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02-9.rpt - Authentication - Suspicious Authentication
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHSUSPICIOUS_1"."SOURCEACCOUNT", "AUTHSUSPICIOUS_1"."SOURCEMACHINE", "AUTHSUSPICIOUS_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."AUTHSUSPICIOUS" "AUTHSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'AuthSuspicious' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-02.rpt - Authentication
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "AUTHSUSPICIOUS_1"."SOURCEACCOUNT", "AUTHSUSPICIOUS_1"."SOURCEMACHINE", "AUTHSUSPICIOUS_1"."DESTINATIONMACHINE", "FAILEDAUTHENTICATION_1"."FAILUREREASON", "FAILEDAUTHENTICATION_1"."AUTHPACKAGE", "FAILEDAUTHENTICATION_1"."DESTINATIONACCOUNT", "FAILEDAUTHENTICATION_1"."DESTINATIONDOMAIN", "FAILEDAUTHENTICATION_1"."DESTINATIONACCOUNTTYPE", "FAILEDAUTHENTICATION_1"."LOGONTYPE", "GUESTLOGIN_1"."AUTHPACKAGE", "GUESTLOGIN_1"."DESTINATIONACCOUNT", "GUESTLOGIN_1"."DESTINATIONDOMAIN", "RESTRICTEDINFORMATIONATTEMPT_1"."INFORMATIONNAME", "RESTRICTEDINFORMATIONATTEMPT_1"."FAILUREREASON", "RESTRICTEDSERVICEATTEMPT_1"."SERVICENAME", "RESTRICTEDSERVICEATTEMPT_1"."FAILUREREASON", "USERLOGOFF_1"."LOGONTYPE", "USERLOGON_1"."LOGONPROCESS", "USERLOGON_1"."AUTHPACKAGE", "USERLOGON_1"."LOGONTYPE", "USERLOGONFAILURE_1"."LOGONPROCESS", "USERLOGONFAILURE_1"."AUTHPACKAGE", "USERLOGONFAILURE_1"."LOGONTYPE", "USERLOGONFAILURE_1"."FAILUREREASON", "USERLOGONFAILURE_1"."FAILURECOUNT", "INTERNALUSERLOGON_1"."SOURCEMACHINE", "INTERNALUSERLOGON_1"."INTERNALUSERNAME", "INTERNALUSERLOGOFF_1"."SOURCEMACHINE", "INTERNALUSERLOGOFF_1"."INTERNALUSERNAME", "INTERNALUSERLOGONFAILURE_1"."SOURCEMACHINE", "INTERNALUSERLOGONFAILURE_1"."INTERNALUSERNAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."INTERNALUSERLOGONFAILURE" "INTERNALUSERLOGONFAILURE_1", "PUBLIC"."PUBLIC"."INTERNALUSERLOGON" "INTERNALUSERLOGON_1", "PUBLIC"."PUBLIC"."INTERNALUSERLOGOFF" "INTERNALUSERLOGOFF_1", "PUBLIC"."PUBLIC"."AUTHSUSPICIOUS" "AUTHSUSPICIOUS_1", "PUBLIC"."PUBLIC"."RESTRICTEDINFORMATIONATTEMPT" "RESTRICTEDINFORMATIONATTEMPT_1", "PUBLIC"."PUBLIC"."FAILEDAUTHENTICATION" "FAILEDAUTHENTICATION_1", "PUBLIC"."PUBLIC"."RESTRICTEDSERVICEATTEMPT" "RESTRICTEDSERVICEATTEMPT_1", "PUBLIC"."PUBLIC"."GUESTLOGIN" "GUESTLOGIN_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGONFAILURE" "USERLOGONFAILURE_1", "PUBLIC"."PUBLIC"."USERLOGOFF" "USERLOGOFF_1", "PUBLIC"."PUBLIC"."USERLOGON" "USERLOGON_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="INTERNALUSERLOGONFAILURE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="INTERNALUSERLOGON_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="INTERNALUSERLOGOFF_1"."UUID_") AND ("AUTHSUSPICIOUS_1"."UUID_"="RESTRICTEDINFORMATIONATTEMPT_1"."UUID_") AND ("AUTHSUSPICIOUS_1"."UUID_"="FAILEDAUTHENTICATION_1"."UUID_") AND ("AUTHSUSPICIOUS_1"."UUID_"="RESTRICTEDSERVICEATTEMPT_1"."UUID_") AND ("AUTHSUSPICIOUS_1"."UUID_"="GUESTLOGIN_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHSUSPICIOUS_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERLOGONFAILURE_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERLOGOFF_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERLOGON_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'AuthAudit' OR "GENERICALERT_1"."ALERTID"=N'AuthSuspicious' OR "GENERICALERT_1"."ALERTID"=N'FailedAuthentication' OR "GENERICALERT_1"."ALERTID"=N'GuestLogin' OR "GENERICALERT_1"."ALERTID"=N'InternalUserLogoff' OR "GENERICALERT_1"."ALERTID"=N'InternalUserLogon' OR "GENERICALERT_1"."ALERTID"=N'InternalUserLogonFailure' OR "GENERICALERT_1"."ALERTID"=N'RestrictedInformationAttempt' OR "GENERICALERT_1"."ALERTID"=N'RestrictedServiceAttempt' OR "GENERICALERT_1"."ALERTID"=N'UserLogoff' OR "GENERICALERT_1"."ALERTID"=N'UserLogon' OR "GENERICALERT_1"."ALERTID"=N'UserLogonFailure')
 

rpt2003-03.rpt - Authentication - Log On / Off / Failure
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "USERLOGON_1"."LOGONPROCESS", "USERLOGON_1"."AUTHPACKAGE", "USERLOGON_1"."LOGONTYPE", "USERLOGOFF_1"."LOGONTYPE", "USERLOGONFAILURE_1"."LOGONPROCESS", "USERLOGONFAILURE_1"."AUTHPACKAGE", "USERLOGONFAILURE_1"."LOGONTYPE", "USERLOGONFAILURE_1"."FAILUREREASON", "USERLOGONFAILURE_1"."FAILURECOUNT", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERLOGONFAILURE" "USERLOGONFAILURE_1", "PUBLIC"."PUBLIC"."USERLOGOFF" "USERLOGOFF_1", "PUBLIC"."PUBLIC"."USERLOGON" "USERLOGON_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERLOGONFAILURE_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERLOGOFF_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERLOGON_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'UserLogoff' OR "GENERICALERT_1"."ALERTID"=N'UserLogon' OR "GENERICALERT_1"."ALERTID"=N'UserLogonFailure') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-01.rpt - Malicious Code - Service Process Attack
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ServiceProcessAttack' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-02.rpt - Malicious Code - Trojan Traffic Access
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "TROJANTRAFFICACCESS_1"."TROJANNAME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."TROJANTRAFFICACCESS" "TROJANTRAFFICACCESS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="TROJANTRAFFICACCESS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'TrojanTrafficAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-03.rpt - Malicious Code - Trojan Traffic Denial mgr-32-453
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "TROJANTRAFFICDENIAL_1"."TROJANNAME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."TROJANTRAFFICDENIAL" "TROJANTRAFFICDENIAL_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="TROJANTRAFFICDENIAL_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'TrojanTrafficDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-04.rpt - Malicious Code - Trojan Infection Access
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'TrojanInfectionAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-05.rpt - Malicious Code - Trojan Command Access
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'TrojanCommandAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-06.rpt - Malicious Code - Virus Attack
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "VIRUSATTACK_1"."VIRUSDETECTED", "VIRUSATTACK_1"."SOURCEACCOUNT", "VIRUSATTACK_1"."INFECTEDFILE", "VIRUSATTACK_1"."PRIMARYACTIONATTEMPT", "VIRUSATTACK_1"."SECONDARYACTIONATTEMPT", "VIRUSATTACK_1"."FAILUREREASON", "VIRUSATTACK_1"."ACTIONTAKEN", "VIRUSATTACK_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."VIRUSATTACK" "VIRUSATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="VIRUSATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'VirusAttack' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-07.rpt - Malicious Code - Virus Summary Attack
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "VIRUSSUMMARYATTACK_1"."SOURCEACCOUNT", "VIRUSSUMMARYATTACK_1"."FILESSCANNED", "VIRUSSUMMARYATTACK_1"."BOOTSECTORSSCANNED", "VIRUSSUMMARYATTACK_1"."FILESINFECTED", "VIRUSSUMMARYATTACK_1"."BOOTSECTORINFECTED", "VIRUSSUMMARYATTACK_1"."MEMORYINFECTED", "VIRUSSUMMARYATTACK_1"."BOOTCLEANED", "VIRUSSUMMARYATTACK_1"."MEMORYCLEANED", "VIRUSSUMMARYATTACK_1"."FILESQUARANTINED", "VIRUSSUMMARYATTACK_1"."FILESDELETED", "VIRUSSUMMARYATTACK_1"."FILESCLEANED", "VIRUSSUMMARYATTACK_1"."FILESLEFTALONE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."VIRUSSUMMARYATTACK" "VIRUSSUMMARYATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="VIRUSSUMMARYATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'VirusSummaryAttack' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04-08.rpt - Malicious Code - Virus Traffic Access
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "VIRUSTRAFFICACCESS_1"."VIRUSNAME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."VIRUSTRAFFICACCESS" "VIRUSTRAFFICACCESS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="VIRUSTRAFFICACCESS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'VirusTrafficAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-04.rpt - Malicious Code
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "TROJANTRAFFICACCESS_1"."TROJANNAME", "VIRUSTRAFFICACCESS_1"."VIRUSNAME", "TROJANTRAFFICDENIAL_1"."TROJANNAME", "VIRUSATTACK_1"."VIRUSDETECTED", "VIRUSATTACK_1"."SOURCEACCOUNT", "VIRUSATTACK_1"."INFECTEDFILE", "VIRUSATTACK_1"."PRIMARYACTIONATTEMPT", "VIRUSATTACK_1"."SECONDARYACTIONATTEMPT", "VIRUSATTACK_1"."FAILUREREASON", "VIRUSATTACK_1"."ACTIONTAKEN", "VIRUSATTACK_1"."SOURCEMACHINE", "VIRUSSUMMARYATTACK_1"."SOURCEACCOUNT", "VIRUSSUMMARYATTACK_1"."FILESSCANNED", "VIRUSSUMMARYATTACK_1"."BOOTSECTORSSCANNED", "VIRUSSUMMARYATTACK_1"."FILESINFECTED", "VIRUSSUMMARYATTACK_1"."BOOTSECTORINFECTED", "VIRUSSUMMARYATTACK_1"."MEMORYINFECTED", "VIRUSSUMMARYATTACK_1"."BOOTCLEANED", "VIRUSSUMMARYATTACK_1"."MEMORYCLEANED", "VIRUSSUMMARYATTACK_1"."FILESQUARANTINED", "VIRUSSUMMARYATTACK_1"."FILESDELETED", "VIRUSSUMMARYATTACK_1"."FILESCLEANED", "VIRUSSUMMARYATTACK_1"."FILESLEFTALONE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."VIRUSTRAFFICACCESS" "VIRUSTRAFFICACCESS_1", "PUBLIC"."PUBLIC"."VIRUSSUMMARYATTACK" "VIRUSSUMMARYATTACK_1", "PUBLIC"."PUBLIC"."VIRUSATTACK" "VIRUSATTACK_1", "PUBLIC"."PUBLIC"."TROJANTRAFFICDENIAL" "TROJANTRAFFICDENIAL_1", "PUBLIC"."PUBLIC"."TROJANTRAFFICACCESS" "TROJANTRAFFICACCESS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="VIRUSTRAFFICACCESS_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="VIRUSSUMMARYATTACK_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="VIRUSATTACK_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="TROJANTRAFFICDENIAL_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="TROJANTRAFFICACCESS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ServiceProcessAttack' OR "GENERICALERT_1"."ALERTID"=N'TrojanCommandAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanInfectionAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanTrafficAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanTrafficDenial' OR "GENERICALERT_1"."ALERTID"=N'VirusAttack' OR "GENERICALERT_1"."ALERTID"=N'VirusSummaryAttack' OR "GENERICALERT_1"."ALERTID"=N'VirusTrafficAccess')
 

rpt2003-05-11.rpt - File Audit Events - File Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME
 

rpt2003-05-12.rpt - File Audit Events - File Audit Failure
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileAuditFailure' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-21.rpt - File Audit Events - File Handle Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEHANDLEAUDIT_1"."SOURCEACCOUNT", "FILEHANDLEAUDIT_1"."SOURCEDOMAIN", "FILEHANDLEAUDIT_1"."DESTINATIONHANDLEID", "FILEHANDLEAUDIT_1"."DESTINATIONPROCESSID", "FILEHANDLEOPEN_1"."OPERATIONID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEHANDLEAUDIT" "FILEHANDLEAUDIT_1", "PUBLIC"."PUBLIC"."FILEHANDLEOPEN" "FILEHANDLEOPEN_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("FILEHANDLEAUDIT_1"."UUID_"="FILEHANDLEOPEN_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="FILEHANDLEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileHandleAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-22.rpt - File Audit Events - File Handle Close
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEHANDLEAUDIT_1"."SOURCEACCOUNT", "FILEHANDLEAUDIT_1"."SOURCEDOMAIN", "FILEHANDLEAUDIT_1"."DESTINATIONHANDLEID", "FILEHANDLEAUDIT_1"."DESTINATIONPROCESSID", "FILEHANDLECLOSE_1"."OBJECTSERVER", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEHANDLEAUDIT" "FILEHANDLEAUDIT_1", "PUBLIC"."PUBLIC"."FILEHANDLECLOSE" "FILEHANDLECLOSE_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("FILEHANDLEAUDIT_1"."UUID_"="FILEHANDLECLOSE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="FILEHANDLEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileHandleClose' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-23.rpt - File Audit Events - File Handle Copy
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEHANDLEAUDIT_1"."SOURCEACCOUNT", "FILEHANDLEAUDIT_1"."SOURCEDOMAIN", "FILEHANDLEAUDIT_1"."DESTINATIONHANDLEID", "FILEHANDLEAUDIT_1"."DESTINATIONPROCESSID", "FILEHANDLECOPY_1"."SOURCEHANDLEID", "FILEHANDLECOPY_1"."SOURCEPROCESSID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEHANDLEAUDIT" "FILEHANDLEAUDIT_1", "PUBLIC"."PUBLIC"."FILEHANDLECOPY" "FILEHANDLECOPY_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("FILEHANDLEAUDIT_1"."UUID_"="FILEHANDLECOPY_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="FILEHANDLEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileHandleCopy' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-24.rpt - File Audit Events - File Handle Open
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEHANDLEAUDIT_1"."SOURCEACCOUNT", "FILEHANDLEAUDIT_1"."SOURCEDOMAIN", "FILEHANDLEAUDIT_1"."DESTINATIONHANDLEID", "FILEHANDLEAUDIT_1"."DESTINATIONPROCESSID", "FILEHANDLEOPEN_1"."OPERATIONID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEHANDLEAUDIT" "FILEHANDLEAUDIT_1", "PUBLIC"."PUBLIC"."FILEHANDLEOPEN" "FILEHANDLEOPEN_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("FILEHANDLEAUDIT_1"."UUID_"="FILEHANDLEOPEN_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="FILEHANDLEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileHandleOpen' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-31.rpt - File Audit Events - File Data Read
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileDataRead' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-32.rpt - File Audit Events - File Execute
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileExecute' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-33.rpt - File Audit Events - File Read
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileRead' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-41.rpt - File Audit Events - File Attribute Change
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileAttributeChange' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-42.rpt - File Audit Events - File Create
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileCreate' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-43.rpt - File Audit Events - File Data Write
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileDataWrite' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-44.rpt - File Audit Events - File Delete
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileDelete' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-45.rpt - File Audit Events - File Link
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileLink' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-46.rpt - File Audit Events - File Move
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileMove' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-47.rpt - File Audit Events - File Write
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileWrite' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-51.rpt - File Audit Events - Object Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."PRIVILEGESEXERCISED", "OBJECTAUDIT_1"."OBJECTNAME", "OBJECTAUDIT_1"."SERVINGPROCESS", "OBJECTAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-52.rpt - File Audit Events - Object Audit Failure
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."PRIVILEGESEXERCISED", "OBJECTAUDIT_1"."OBJECTNAME", "OBJECTAUDIT_1"."SERVINGPROCESS", "OBJECTAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAuditFailure' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-53.rpt - File Audit Events - Object Delete
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."PRIVILEGESEXERCISED", "OBJECTAUDIT_1"."OBJECTNAME", "OBJECTAUDIT_1"."SERVINGPROCESS", "OBJECTAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectDelete' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05-54.rpt - File Audit Events - Object Link
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."PRIVILEGESEXERCISED", "OBJECTAUDIT_1"."OBJECTNAME", "OBJECTAUDIT_1"."SERVINGPROCESS", "OBJECTAUDIT_1"."ACCESSPROPERTIES", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectLink' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-05.rpt - File Audit Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."SOURCELOGONID", "FILEAUDIT_1"."DESTINATIONACCOUNT", "FILEAUDIT_1"."DESTINATIONDOMAIN", "FILEAUDIT_1"."DESTINATIONLOGONID", "FILEAUDIT_1"."ACCESSREQUESTED", "FILEAUDIT_1"."PRIVILEGESEXERCISED", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."SERVINGPROCESS", "FILEAUDIT_1"."ACCESSPROPERTIES", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."PRIVILEGESEXERCISED", "OBJECTAUDIT_1"."OBJECTTYPE", "OBJECTAUDIT_1"."OBJECTNAME", "OBJECTAUDIT_1"."SERVINGPROCESS", "OBJECTAUDIT_1"."ACCESSPROPERTIES", "FILEHANDLEAUDIT_1"."SOURCEACCOUNT", "FILEHANDLEAUDIT_1"."SOURCEDOMAIN", "FILEHANDLEAUDIT_1"."DESTINATIONHANDLEID", "FILEHANDLEAUDIT_1"."DESTINATIONPROCESSID", "FILEHANDLECLOSE_1"."OBJECTSERVER", "FILEHANDLECOPY_1"."SOURCEHANDLEID", "FILEHANDLECOPY_1"."SOURCEPROCESSID", "FILEHANDLEOPEN_1"."OPERATIONID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."FILEHANDLEAUDIT" "FILEHANDLEAUDIT_1", "PUBLIC"."PUBLIC"."FILEHANDLECOPY" "FILEHANDLECOPY_1", "PUBLIC"."PUBLIC"."FILEHANDLECLOSE" "FILEHANDLECLOSE_1", "PUBLIC"."PUBLIC"."FILEHANDLEOPEN" "FILEHANDLEOPEN_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("FILEHANDLEAUDIT_1"."UUID_"="FILEHANDLECOPY_1"."UUID_") AND ("FILEHANDLEAUDIT_1"."UUID_"="FILEHANDLECLOSE_1"."UUID_") AND ("FILEHANDLEAUDIT_1"."UUID_"="FILEHANDLEOPEN_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="FILEHANDLEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'FileAttributeChange' OR "GENERICALERT_1"."ALERTID"=N'FileAudit' OR "GENERICALERT_1"."ALERTID"=N'FileAuditFailure' OR "GENERICALERT_1"."ALERTID"=N'FileCreate' OR "GENERICALERT_1"."ALERTID"=N'FileDataRead' OR "GENERICALERT_1"."ALERTID"=N'FileDataWrite' OR "GENERICALERT_1"."ALERTID"=N'FileDelete' OR "GENERICALERT_1"."ALERTID"=N'FileExecute' OR "GENERICALERT_1"."ALERTID"=N'FileHandleAudit' OR "GENERICALERT_1"."ALERTID"=N'FileHandleClose' OR "GENERICALERT_1"."ALERTID"=N'FileHandleCopy' OR "GENERICALERT_1"."ALERTID"=N'FileHandleOpen' OR "GENERICALERT_1"."ALERTID"=N'FileLink' OR "GENERICALERT_1"."ALERTID"=N'FileMove' OR "GENERICALERT_1"."ALERTID"=N'FileRead' OR "GENERICALERT_1"."ALERTID"=N'FileWrite' OR "GENERICALERT_1"."ALERTID"=N'ObjectAudit' OR "GENERICALERT_1"."ALERTID"=N'ObjectAuditFailure' OR "GENERICALERT_1"."ALERTID"=N'ObjectDelete' OR "GENERICALERT_1"."ALERTID"=N'ObjectLink')
 

rpt2003-06-01-0.rpt - Network Traffic Audit - Web Traffic by Tool Alias
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."TOOLALIAS", "WEBTRAFFICAUDIT_1"."CATEGORY", "WEBTRAFFICAUDIT_1"."URL", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("NETWORKAUDIT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit'
 

rpt2003-06-01-1.rpt - Network Traffic Audit - Web Traffic by Source Machine
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "WEBTRAFFICAUDIT_1"."CATEGORY", "WEBTRAFFICAUDIT_1"."URL", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("NETWORKAUDIT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit'
 

rpt2003-06-01-2.rpt - Network Traffic Audit - Web Traffic by Destination Machine
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "WEBTRAFFICAUDIT_1"."CATEGORY", "WEBTRAFFICAUDIT_1"."URL", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("NETWORKAUDIT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit'
 

rpt2003-06-01-3.rpt - Network Traffic Audit - Web Traffic by Provider SID
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."PROVIDERSID", "WEBTRAFFICAUDIT_1"."CATEGORY", "WEBTRAFFICAUDIT_1"."URL", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit'
 

rpt2003-06-01-4.rpt - Network Traffic Audit - Web URL Requests by Source Machine - Graphs
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "WEBTRAFFICAUDIT_1"."URL", "NETWORKAUDIT_1"."SOURCEMACHINE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("WEBTRAFFICAUDIT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit'
 

rpt2003-06-01-5.rpt - Network Traffic Audit - Web URL Requests by Source Machine
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "WEBTRAFFICAUDIT_1"."CATEGORY", "NETWORKAUDIT_1"."SOURCEMACHINE", "WEBTRAFFICAUDIT_1"."URL", "GENERICALERT_1"."EVENTINFO" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("WEBTRAFFICAUDIT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit'
 

rpt2003-06-01.rpt - Network Traffic Audit - Web Traffic
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."TOOLALIAS", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEMACHINE", "WEBTRAFFICAUDIT_1"."CATEGORY", "WEBTRAFFICAUDIT_1"."URL", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."SOURCEPORT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("NETWORKAUDIT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-02.rpt - Network Traffic Audit - Configuration Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."SOURCEMACADDRESS", "NETWORKAUDIT_1"."DESTINATIONMACADDRESS", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ConfigurationTrafficAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-03-0.rpt - Network Traffic Audit - Core Traffic by Tool Alias
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'CoreTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'ICMPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPSecTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TCPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'UDPTrafficAudit')
 

rpt2003-06-03-1.rpt - Network Traffic Audit - Core Traffic by Source Machine
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'CoreTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'ICMPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPSecTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TCPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'UDPTrafficAudit') ORDER BY "NETWORKAUDIT_1"."SOURCEMACHINE", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-03-2.rpt - Network Traffic Audit - Core Traffic by Destination Machine
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'CoreTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'ICMPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPSecTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TCPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'UDPTrafficAudit')
 

rpt2003-06-03-3.rpt - Network Traffic Audit - Core Traffic by Provider SID
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'CoreTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'ICMPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPSecTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TCPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'UDPTrafficAudit')
 

rpt2003-06-03.rpt - Network Traffic Audit - Core Traffic
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."TOOLALIAS", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."SOURCEPORT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'CoreTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'ICMPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPSecTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TCPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'UDPTrafficAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-04.rpt - Network Traffic Audit - Encrypted Traffmgr-32-453
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "ENCRYPTEDTRAFFIC_1"."MODE", "ENCRYPTEDTRAFFIC_1"."PEERIDENTITY", "ENCRYPTEDTRAFFIC_1"."FILTER", "ENCRYPTEDTRAFFIC_1"."PARAMETERS", "ENCRYPTEDTRAFFICERROR_1"."FAILUREREASON", "ENCRYPTEDTRAFFICERROR_1"."FAILUREPOINT", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."ENCRYPTEDTRAFFIC" "ENCRYPTEDTRAFFIC_1", "PUBLIC"."PUBLIC"."ENCRYPTEDTRAFFICERROR" "ENCRYPTEDTRAFFICERROR_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("NETWORKAUDIT_1"."UUID_"="ENCRYPTEDTRAFFIC_1"."UUID_") AND ("NETWORKAUDIT_1"."UUID_"="ENCRYPTEDTRAFFICERROR_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'EncryptedTraffic' OR "GENERICALERT_1"."ALERTID"=N'EncryptedTrafficError') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-05.rpt - Network Traffic Audit - Link Control Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'LinkControlTrafficAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-06.rpt - Network Traffic Audit - Network Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'FileSystemTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'NamingTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'NetworkAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-07.rpt - Network Traffic Audit - Point to Point Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'PointToPointTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'PPTPTrafficAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-08.rpt - Network Traffic Audit - Remote Procedure Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'RemoteProcedureTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'RPCTrafficAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-09.rpt - Network Traffic Audit - Routing Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'RIPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'RoutingTrafficAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-10.rpt - Network Traffic Audit - Time Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'NTPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TimeTrafficAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06-11-0.rpt - Network Traffic Audit - Application Traffic by Tool Alias
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'FileTransferTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'MailTrafficAudit')
 

rpt2003-06-11-1.rpt - Network Traffic Audit - Application Traffic by Source Machine
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."SOURCEMACHINE", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'FileTransferTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'MailTrafficAudit')
 

rpt2003-06-11-2.rpt - Network Traffic Audit - Application Traffic by Destination Machine
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'FileTransferTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'MailTrafficAudit')
 

rpt2003-06-11-3.rpt - Network Traffic Audit - Application Traffic by Provider SID
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."PROVIDERSID", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'FileTransferTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'MailTrafficAudit')
 

rpt2003-06-11.rpt - Network Traffic Audit - Application Traffic
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."TOOLALIAS", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."INTERFACE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."SOURCEPORT", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'FileTransferTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'MailTrafficAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-06.rpt - Network Traffic Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "NETWORKAUDIT_1"."SOURCEMACHINE", "NETWORKAUDIT_1"."DESTINATIONMACHINE", "NETWORKAUDIT_1"."SOURCEPORT", "NETWORKAUDIT_1"."DESTINATIONPORT", "NETWORKAUDIT_1"."ALERTACTIVITYTYPE", "NETWORKAUDIT_1"."PROTOCOL", "NETWORKAUDIT_1"."INTERFACE", "ENCRYPTEDTRAFFICERROR_1"."FAILUREREASON", "ENCRYPTEDTRAFFICERROR_1"."FAILUREPOINT", "ENCRYPTEDTRAFFIC_1"."MODE", "ENCRYPTEDTRAFFIC_1"."PEERIDENTITY", "ENCRYPTEDTRAFFIC_1"."FILTER", "ENCRYPTEDTRAFFIC_1"."PARAMETERS", "WEBTRAFFICAUDIT_1"."URL", "WEBTRAFFICAUDIT_1"."CATEGORY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKAUDIT" "NETWORKAUDIT_1", "PUBLIC"."PUBLIC"."WEBTRAFFICAUDIT" "WEBTRAFFICAUDIT_1", "PUBLIC"."PUBLIC"."ENCRYPTEDTRAFFIC" "ENCRYPTEDTRAFFIC_1", "PUBLIC"."PUBLIC"."ENCRYPTEDTRAFFICERROR" "ENCRYPTEDTRAFFICERROR_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("NETWORKAUDIT_1"."UUID_"="WEBTRAFFICAUDIT_1"."UUID_") AND ("NETWORKAUDIT_1"."UUID_"="ENCRYPTEDTRAFFIC_1"."UUID_") AND ("NETWORKAUDIT_1"."UUID_"="ENCRYPTEDTRAFFICERROR_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'ConfigurationTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'CoreTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'EncryptedTraffic' OR "GENERICALERT_1"."ALERTID"=N'EncryptedTrafficError' OR "GENERICALERT_1"."ALERTID"=N'FileSystemTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'FileTransferTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'ICMPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPSecTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'IPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'LinkControlTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'MailTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'NamingTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'NetworkAudit' OR "GENERICALERT_1"."ALERTID"=N'NTPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'PointToPointTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'PPTPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'RemoteProcedureTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'RIPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'RoutingTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'RPCTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TCPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'TimeTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'UDPTrafficAudit' OR "GENERICALERT_1"."ALERTID"=N'WebTrafficAudit')
 

rpt2003-07-01.rpt - Network Events: Suspicious Behavior - Application Enumerate
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationEnumerate' OR "GENERICALERT_1"."ALERTID"=N'FileTransferEnumerate' OR "GENERICALERT_1"."ALERTID"=N'FTPCommandEnumerate' OR "GENERICALERT_1"."ALERTID"=N'MailEnumerate' OR "GENERICALERT_1"."ALERTID"=N'SMTPCommandEnumerate' OR "GENERICALERT_1"."ALERTID"=N'WebEnumerate') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-02.rpt - Network Events: Suspicious Behavior - Banner Grabbing Enumerate
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'BannerGrabbingEnumerate' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-03.rpt - Network Events: Suspicious Behavior - Core Scan
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'CoreScan' OR "GENERICALERT_1"."ALERTID"=N'ICMPPingSweep' OR "GENERICALERT_1"."ALERTID"=N'PingSweep' OR "GENERICALERT_1"."ALERTID"=N'TCPPingSweep') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-04.rpt - Network Events: Suspicious Behavior - Enumerate
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'Enumerate' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-05.rpt - Network Events: Suspicious Behavior - Footprint
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'DNSRequestFootprint' OR "GENERICALERT_1"."ALERTID"=N'FirewalkingFootprint' OR "GENERICALERT_1"."ALERTID"=N'Footprint' OR "GENERICALERT_1"."ALERTID"=N'TraceRouteFootprint') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-06.rpt - Network Events: Suspicious Behavior - Host Scan
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'HostScan' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-07.rpt - Network Events: Suspicious Behavior - ICMP Query
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ICMPQuery' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-08.rpt - Network Events: Suspicious Behavior - MS Network Enumerate
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'MSNetworkingEnumerate' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-09.rpt - Network Events: Suspicious Behavior - Network Suspicious
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NetworkSuspicious' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-10.rpt - Network Events: Suspicious Behavior - Port Scan
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'PortScan' OR "GENERICALERT_1"."ALERTID"=N'TCPPortScan' OR "GENERICALERT_1"."ALERTID"=N'UDPPortScan') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-11.rpt - Network Events: Suspicious Behavior - Recon
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'Recon' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-12.rpt - Network Events: Suspicious Behavior - Remote Procedure Enumerate
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'RemoteProcedureEnumerate' OR "GENERICALERT_1"."ALERTID"=N'RpcPortScanEnumerate') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-13.rpt - Network Events: Suspicious Behavior - Scan
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'Scan' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-14.rpt - Network Events: Suspicious Behavior - Stack Fingerprint
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ICMPStackFingerprint' OR "GENERICALERT_1"."ALERTID"=N'StackFingerprint' OR "GENERICALERT_1"."ALERTID"=N'TCPStackFingerprint') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-15.rpt - Network Events: Suspicious Behavior - Trojan Scanner
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME", "TROJANSCANNER_1"."TROJANNAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1", "PUBLIC"."PUBLIC"."TROJANSCANNER" "TROJANSCANNER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("NETWORKSUSPICIOUS_1"."UUID_"="TROJANSCANNER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'TrojanScanner' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-16.rpt - Network Events: Suspicious Behavior - Unusual Traffic
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'UnusualICMPTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualIPTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualProtocol' OR "GENERICALERT_1"."ALERTID"=N'UnusualTCPTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualUDPTraffic') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07-17.rpt - Network Events: Suspicious Behavior - General Security
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'GeneralSecurity' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-07.rpt - Network Events: Suspicious Behavior
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKSUSPICIOUS_1"."SOURCEMACHINE", "NETWORKSUSPICIOUS_1"."DESTINATIONMACHINE", "NETWORKSUSPICIOUS_1"."SOURCEPORT", "NETWORKSUSPICIOUS_1"."DESTINATIONPORT", "NETWORKSUSPICIOUS_1"."ALERTACTIVITYTYPE", "NETWORKSUSPICIOUS_1"."PROTOCOL", "NETWORKSUSPICIOUS_1"."INTERFACE", "TROJANSCANNER_1"."TROJANNAME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKSUSPICIOUS" "NETWORKSUSPICIOUS_1", "PUBLIC"."PUBLIC"."TROJANSCANNER" "TROJANSCANNER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("NETWORKSUSPICIOUS_1"."UUID_"="TROJANSCANNER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKSUSPICIOUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationEnumerate' OR "GENERICALERT_1"."ALERTID"=N'BannerGrabbingEnumerate' OR "GENERICALERT_1"."ALERTID"=N'CoreScan' OR "GENERICALERT_1"."ALERTID"=N'DNSRequestFootprint' OR "GENERICALERT_1"."ALERTID"=N'Enumerate' OR "GENERICALERT_1"."ALERTID"=N'FileTransferEnumerate' OR "GENERICALERT_1"."ALERTID"=N'FirewalkingFootprint' OR "GENERICALERT_1"."ALERTID"=N'Footprint' OR "GENERICALERT_1"."ALERTID"=N'FTPCommandEnumerate' OR "GENERICALERT_1"."ALERTID"=N'GeneralSecurity' OR "GENERICALERT_1"."ALERTID"=N'HostScan' OR "GENERICALERT_1"."ALERTID"=N'ICMPPingSweep' OR "GENERICALERT_1"."ALERTID"=N'ICMPQuery' OR "GENERICALERT_1"."ALERTID"=N'ICMPStackFingerprint' OR "GENERICALERT_1"."ALERTID"=N'MailEnumerate' OR "GENERICALERT_1"."ALERTID"=N'MSNetworkingEnumerate' OR "GENERICALERT_1"."ALERTID"=N'NetworkSuspicious' OR "GENERICALERT_1"."ALERTID"=N'PingSweep' OR "GENERICALERT_1"."ALERTID"=N'PortScan' OR "GENERICALERT_1"."ALERTID"=N'Recon' OR "GENERICALERT_1"."ALERTID"=N'RemoteProcedureEnumerate' OR "GENERICALERT_1"."ALERTID"=N'RpcPortScanEnumerate' OR "GENERICALERT_1"."ALERTID"=N'Scan' OR "GENERICALERT_1"."ALERTID"=N'SMTPCommandEnumerate' OR "GENERICALERT_1"."ALERTID"=N'StackFingerprint' OR "GENERICALERT_1"."ALERTID"=N'TCPPingSweep' OR "GENERICALERT_1"."ALERTID"=N'TCPPortScan' OR "GENERICALERT_1"."ALERTID"=N'TCPStackFingerprint' OR "GENERICALERT_1"."ALERTID"=N'TraceRouteFootprint' OR "GENERICALERT_1"."ALERTID"=N'TrojanScanner' OR "GENERICALERT_1"."ALERTID"=N'UDPPortScan' OR "GENERICALERT_1"."ALERTID"=N'UnusualICMPTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualIPTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualProtocol' OR "GENERICALERT_1"."ALERTID"=N'UnusualTCPTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualTraffic' OR "GENERICALERT_1"."ALERTID"=N'UnusualUDPTraffic' OR "GENERICALERT_1"."ALERTID"=N'WebEnumerate')
 

rpt2003-08-01.rpt - Resource Configuration - Authorization Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'AuthAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-08-02.rpt - Resource Configuration - Domain Authorization Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "NEWDOMAINMEMBER_1"."DOMAINMEMBER", "NEWDOMAINMEMBER_1"."MEMBERID", "DELETEDOMAINMEMBER_1"."DOMAINMEMBER", "DELETEDOMAINMEMBER_1"."MEMBERID", "CHANGEDOMAINMEMBER_1"."DOMAINMEMBER", "CHANGEDOMAINMEMBER_1"."MEMBERID", "CHANGEDOMAINMEMBER_1"."CHANGETYPE", "DOMAINMEMBERALIAS_1"."ORIGINALACCOUNT", "DOMAINMEMBERALIAS_1"."ORIGINALACCOUNTID", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1", "PUBLIC"."PUBLIC"."NEWDOMAINMEMBER" "NEWDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."DELETEDOMAINMEMBER" "DELETEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."CHANGEDOMAINMEMBER" "CHANGEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."DOMAINMEMBERALIAS" "DOMAINMEMBERALIAS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("DOMAINAUTHAUDIT_1"."UUID_"="NEWDOMAINMEMBER_1"."UUID_") AND ("DOMAINAUTHAUDIT_1"."UUID_"="DELETEDOMAINMEMBER_1"."UUID_") AND ("CHANGEDOMAINMEMBER_1"."UUID_"="DOMAINMEMBERALIAS_1"."UUID_") AND ("DOMAINAUTHAUDIT_1"."UUID_"="CHANGEDOMAINMEMBER_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeDomainAttribute' OR "GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomain' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DomainAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'DomainMemberAlias' OR "GENERICALERT_1"."ALERTID"=N'NewDomain' OR "GENERICALERT_1"."ALERTID"=N'NewDomainMember') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-08-03.rpt - Resource Configuration - Group Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "DELETEGROUPMEMBER_1"."GROUPMEMBER", "DELETEGROUPMEMBER_1"."MEMBERID", "CHANGEGROUPATTRIBUTE_1"."CHANGEDETAILS", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1", "PUBLIC"."PUBLIC"."DELETEGROUPMEMBER" "DELETEGROUPMEMBER_1", "PUBLIC"."PUBLIC"."CHANGEGROUPATTRIBUTE" "CHANGEGROUPATTRIBUTE_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="DELETEGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="CHANGEGROUPATTRIBUTE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeGroupAttribute' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroup' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' OR "GENERICALERT_1"."ALERTID"=N'GroupAudit' OR "GENERICALERT_1"."ALERTID"=N'NewGroup' OR "GENERICALERT_1"."ALERTID"=N'NewGroupMember') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-08-04.rpt - Resource Configuration - Machine Authorization Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME", "MACHINELOGOFF_1"."LOGONTYPE", "MACHINELOGON_1"."LOGONPROCESS", "MACHINELOGON_1"."LOGONTYPE", "MACHINELOGONFAILURE_1"."LOGONPROCESS", "MACHINELOGONFAILURE_1"."AUTHPACKAGE", "MACHINELOGONFAILURE_1"."LOGONTYPE", "MACHINELOGONFAILURE_1"."FAILUREREASON", "MACHINELOGONFAILURE_1"."FAILURECOUNT" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."MACHINELOGONFAILURE" "MACHINELOGONFAILURE_1", "PUBLIC"."PUBLIC"."MACHINELOGON" "MACHINELOGON_1", "PUBLIC"."PUBLIC"."MACHINELOGOFF" "MACHINELOGOFF_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("AUTHAUDIT_1"."UUID_"="MACHINELOGONFAILURE_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="MACHINELOGON_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="MACHINELOGOFF_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'MachineAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'MachineAuthTicket' OR "GENERICALERT_1"."ALERTID"=N'MachineAuthTicketFailure' OR "GENERICALERT_1"."ALERTID"=N'MachineDisable' OR "GENERICALERT_1"."ALERTID"=N'MachineEnable' OR "GENERICALERT_1"."ALERTID"=N'MachineModifyAttribute' OR "GENERICALERT_1"."ALERTID"=N'MachineModifyPrivileges') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-08-05.rpt - Resource Configuration - User Authorization Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "USERMODIFYATTRIBUTE_1"."MODIFICATION", "USERMODIFYPRIVILEGES_1"."ACCESSGRANTED", "USERMODIFYPRIVILEGES_1"."ACCESSTARGET", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERMODIFYPRIVILEGES" "USERMODIFYPRIVILEGES_1", "PUBLIC"."PUBLIC"."USERMODIFYATTRIBUTE" "USERMODIFYATTRIBUTE_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="USERMODIFYPRIVILEGES_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERMODIFYATTRIBUTE_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'UserAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'UserAuthTicket' OR "GENERICALERT_1"."ALERTID"=N'UserAuthTicketFailure' OR "GENERICALERT_1"."ALERTID"=N'UserDisable' OR "GENERICALERT_1"."ALERTID"=N'UserEnable' OR "GENERICALERT_1"."ALERTID"=N'UserModifyAttribute' OR "GENERICALERT_1"."ALERTID"=N'UserModifyPrivileges') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-08-06.rpt - Resource Configuration - Policy Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "POLICYACCESS_1"."SOURCEACCOUNT", "POLICYACCESS_1"."SOURCEDOMAIN", "POLICYACCESS_1"."SOURCELOGONID", "POLICYACCESS_1"."DESTINATIONDOMAINID", "POLICYACCESS_1"."SOURCEMACHINE", "POLICYMODIFY_1"."CHANGEDETAILS", "DOMAINPOLICYMODIFY_1"."PRIVILEGESEXERCISED", "POLICYSCOPECHANGE_1"."MODIFICATIONTYPE", "POLICYSCOPECHANGE_1"."POLICYNAME", "POLICYSCOPECHANGE_1"."DESTINATIONACCOUNT", "GROUPPOLICYMODIFY_1"."PRIVILEGESUSED", "NEWAUTHPOLICY_1"."MECHANISMTYPE", "NEWAUTHPOLICY_1"."MECHANISMNAME", "UNIQUENODEIDENTIFIER_1"."NAME", "POLICYAUDIT_1"."DESTINATIONDOMAIN" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."POLICYAUDIT" "POLICYAUDIT_1", "PUBLIC"."PUBLIC"."NEWAUTHPOLICY" "NEWAUTHPOLICY_1", "PUBLIC"."PUBLIC"."POLICYACCESS" "POLICYACCESS_1", "PUBLIC"."PUBLIC"."GROUPPOLICYMODIFY" "GROUPPOLICYMODIFY_1", "PUBLIC"."PUBLIC"."POLICYSCOPECHANGE" "POLICYSCOPECHANGE_1", "PUBLIC"."PUBLIC"."POLICYMODIFY" "POLICYMODIFY_1", "PUBLIC"."PUBLIC"."DOMAINPOLICYMODIFY" "DOMAINPOLICYMODIFY_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("POLICYAUDIT_1"."UUID_"="NEWAUTHPOLICY_1"."UUID_") AND ("POLICYACCESS_1"."UUID_"="GROUPPOLICYMODIFY_1"."UUID_") AND ("POLICYACCESS_1"."UUID_"="POLICYSCOPECHANGE_1"."UUID_") AND ("POLICYMODIFY_1"."UUID_"="DOMAINPOLICYMODIFY_1"."UUID_") AND ("POLICYACCESS_1"."UUID_"="POLICYMODIFY_1"."UUID_") AND ("POLICYAUDIT_1"."UUID_"="POLICYACCESS_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="POLICYAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'DomainPolicyModify' OR "GENERICALERT_1"."ALERTID"=N'GroupPolicyModify' OR "GENERICALERT_1"."ALERTID"=N'NewAuthPolicy' OR "GENERICALERT_1"."ALERTID"=N'PolicyAccess' OR "GENERICALERT_1"."ALERTID"=N'PolicyAudit' OR "GENERICALERT_1"."ALERTID"=N'PolicyModify' OR "GENERICALERT_1"."ALERTID"=N'PolicyScopeChange') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-08.rpt - Resource Configuration
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "CHANGEDOMAINMEMBER_1"."DOMAINMEMBER", "CHANGEDOMAINMEMBER_1"."MEMBERID", "CHANGEDOMAINMEMBER_1"."CHANGETYPE", "CHANGEGROUPATTRIBUTE_1"."CHANGEDETAILS", "DELETEDOMAINMEMBER_1"."DOMAINMEMBER", "DELETEDOMAINMEMBER_1"."MEMBERID", "DELETEGROUPMEMBER_1"."GROUPMEMBER", "DELETEGROUPMEMBER_1"."MEMBERID", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "DOMAINMEMBERALIAS_1"."ORIGINALACCOUNT", "DOMAINMEMBERALIAS_1"."ORIGINALACCOUNTID", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "USERMODIFYPRIVILEGES_1"."ACCESSGRANTED", "USERMODIFYPRIVILEGES_1"."ACCESSTARGET", "NEWDOMAINMEMBER_1"."DOMAINMEMBER", "NEWDOMAINMEMBER_1"."MEMBERID", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "USERMODIFYATTRIBUTE_1"."MODIFICATION", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "DOMAINPOLICYMODIFY_1"."PRIVILEGESEXERCISED", "GROUPPOLICYMODIFY_1"."PRIVILEGESUSED", "NEWAUTHPOLICY_1"."MECHANISMTYPE", "NEWAUTHPOLICY_1"."MECHANISMNAME", "POLICYACCESS_1"."SOURCEACCOUNT", "POLICYACCESS_1"."SOURCEDOMAIN", "POLICYACCESS_1"."SOURCELOGONID", "POLICYACCESS_1"."DESTINATIONDOMAINID", "POLICYACCESS_1"."SOURCEMACHINE", "POLICYAUDIT_1"."DESTINATIONDOMAIN", "POLICYSCOPECHANGE_1"."MODIFICATIONTYPE", "POLICYSCOPECHANGE_1"."POLICYNAME", "POLICYSCOPECHANGE_1"."DESTINATIONACCOUNT", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."POLICYAUDIT" "POLICYAUDIT_1", "PUBLIC"."PUBLIC"."NEWAUTHPOLICY" "NEWAUTHPOLICY_1", "PUBLIC"."PUBLIC"."POLICYACCESS" "POLICYACCESS_1", "PUBLIC"."PUBLIC"."GROUPPOLICYMODIFY" "GROUPPOLICYMODIFY_1", "PUBLIC"."PUBLIC"."POLICYSCOPECHANGE" "POLICYSCOPECHANGE_1", "PUBLIC"."PUBLIC"."POLICYMODIFY" "POLICYMODIFY_1", "PUBLIC"."PUBLIC"."DOMAINPOLICYMODIFY" "DOMAINPOLICYMODIFY_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."USERMODIFYPRIVILEGES" "USERMODIFYPRIVILEGES_1", "PUBLIC"."PUBLIC"."USERMODIFYATTRIBUTE" "USERMODIFYATTRIBUTE_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."CHANGEGROUPATTRIBUTE" "CHANGEGROUPATTRIBUTE_1", "PUBLIC"."PUBLIC"."DELETEGROUPMEMBER" "DELETEGROUPMEMBER_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1", "PUBLIC"."PUBLIC"."CHANGEDOMAINMEMBER" "CHANGEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."DOMAINMEMBERALIAS" "DOMAINMEMBERALIAS_1", "PUBLIC"."PUBLIC"."DELETEDOMAINMEMBER" "DELETEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."NEWDOMAINMEMBER" "NEWDOMAINMEMBER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("POLICYAUDIT_1"."UUID_"="NEWAUTHPOLICY_1"."UUID_") AND ("POLICYACCESS_1"."UUID_"="GROUPPOLICYMODIFY_1"."UUID_") AND ("POLICYACCESS_1"."UUID_"="POLICYSCOPECHANGE_1"."UUID_") AND ("POLICYMODIFY_1"."UUID_"="DOMAINPOLICYMODIFY_1"."UUID_") AND ("POLICYACCESS_1"."UUID_"="POLICYMODIFY_1"."UUID_") AND ("POLICYAUDIT_1"."UUID_"="POLICYACCESS_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="POLICYAUDIT_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERMODIFYPRIVILEGES_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="USERMODIFYATTRIBUTE_1"."UUID_") AND ("GROUPAUDIT_1"."UUID_"="CHANGEGROUPATTRIBUTE_1"."UUID_") AND ("GROUPAUDIT_1"."UUID_"="DELETEGROUPMEMBER_1"."UUID_") AND ("GROUPAUDIT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("CHANGEDOMAINMEMBER_1"."UUID_"="DOMAINMEMBERALIAS_1"."UUID_") AND ("DOMAINAUTHAUDIT_1"."UUID_"="CHANGEDOMAINMEMBER_1"."UUID_") AND ("DOMAINAUTHAUDIT_1"."UUID_"="DELETEDOMAINMEMBER_1"."UUID_") AND ("DOMAINAUTHAUDIT_1"."UUID_"="NEWDOMAINMEMBER_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'AuthAudit' OR "GENERICALERT_1"."ALERTID"=N'ChangeDomainAttribute' OR "GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' OR "GENERICALERT_1"."ALERTID"=N'ChangeGroupAttribute' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomain' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroup' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' OR "GENERICALERT_1"."ALERTID"=N'DomainAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'DomainMemberAlias' OR "GENERICALERT_1"."ALERTID"=N'DomainPolicyModify' OR "GENERICALERT_1"."ALERTID"=N'GroupAudit' OR "GENERICALERT_1"."ALERTID"=N'GroupPolicyModify' OR "GENERICALERT_1"."ALERTID"=N'MachineAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'MachineAuthTicket' OR "GENERICALERT_1"."ALERTID"=N'MachineAuthTicketFailure' OR "GENERICALERT_1"."ALERTID"=N'MachineDisable' OR "GENERICALERT_1"."ALERTID"=N'MachineEnable' OR "GENERICALERT_1"."ALERTID"=N'MachineModifyAttribute' OR "GENERICALERT_1"."ALERTID"=N'MachineModifyPrivileges' OR "GENERICALERT_1"."ALERTID"=N'NewAuthPolicy' OR "GENERICALERT_1"."ALERTID"=N'NewDomain' OR "GENERICALERT_1"."ALERTID"=N'NewDomainMember' OR "GENERICALERT_1"."ALERTID"=N'NewGroup' OR "GENERICALERT_1"."ALERTID"=N'NewGroupMember' OR "GENERICALERT_1"."ALERTID"=N'PolicyAccess' OR "GENERICALERT_1"."ALERTID"=N'PolicyAudit' OR "GENERICALERT_1"."ALERTID"=N'PolicyModify' OR "GENERICALERT_1"."ALERTID"=N'PolicyScopeChange' OR "GENERICALERT_1"."ALERTID"=N'UserAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'UserAuthTicket' OR "GENERICALERT_1"."ALERTID"=N'UserAuthTicketFailure' OR "GENERICALERT_1"."ALERTID"=N'UserDisable' OR "GENERICALERT_1"."ALERTID"=N'UserEnable' OR "GENERICALERT_1"."ALERTID"=N'UserModifyAttribute' OR "GENERICALERT_1"."ALERTID"=N'UserModifyPrivileges')
 

rpt2003-09-010.rpt - Machine Audit - File System Audit
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'FileSystemAudit' OR "GENERICALERT_1"."ALERTID"=N'MountFileSystem' OR "GENERICALERT_1"."ALERTID"=N'UnmountFileSystem') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-011.rpt - Machine Audit - File System Audit - File System Audit
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileSystemAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-012.rpt - Machine Audit - File System Audit - Mount File System
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'MountFileSystem' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-013.rpt - Machine Audit - File System Audit - Unmount File System
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UnmountFileSystem' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-021.rpt - Machine Audit - System Audit - Machine Audit
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'MachineAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-022.rpt - Machine Audit - System Audit - System Reboot
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'SystemReboot' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-023.rpt - Machine Audit - System Audit - System Shutdown
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'SystemShutdown' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-024.rpt - Machine Audit - System Audit - System Status
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "SYSTEMSTATUS_1"."SOURCEACCOUNT", "SYSTEMSTATUS_1"."SOURCEDOMAIN", "SYSTEMSTATUS_1"."STATUSLEVEL", "SYSTEMSTATUS_1"."STATUSMESSAGE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."SYSTEMSTATUS" "SYSTEMSTATUS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="SYSTEMSTATUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'SystemStatus' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-030.rpt - Machine Audit - Process Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "PROCESSAUDIT_1"."SOURCEACCOUNT", "PROCESSAUDIT_1"."SOURCEDOMAIN", "PROCESSAUDIT_1"."SOURCELOGONID", "PROCESSINFO_1"."EVENTMESSAGE", "PROCESSSTART_1"."IMAGEFILE", "PROCESSSTART_1"."PARENTPID", "PROCESSSTOP_1"."STOPCONDITION", "PROCESSSTOP_1"."EVENTMESSAGE", "PROCESSWARNING_1"."EVENTMESSAGE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."PROCESSAUDIT" "PROCESSAUDIT_1", "PUBLIC"."PUBLIC"."PROCESSWARNING" "PROCESSWARNING_1", "PUBLIC"."PUBLIC"."PROCESSSTOP" "PROCESSSTOP_1", "PUBLIC"."PUBLIC"."PROCESSSTART" "PROCESSSTART_1", "PUBLIC"."PUBLIC"."PROCESSINFO" "PROCESSINFO_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("PROCESSAUDIT_1"."UUID_"="PROCESSWARNING_1"."UUID_") AND ("PROCESSAUDIT_1"."UUID_"="PROCESSSTOP_1"."UUID_") AND ("PROCESSAUDIT_1"."UUID_"="PROCESSSTART_1"."UUID_") AND ("PROCESSAUDIT_1"."UUID_"="PROCESSINFO_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="PROCESSAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ProcessAudit' OR "GENERICALERT_1"."ALERTID"=N'ProcessInfo' OR "GENERICALERT_1"."ALERTID"=N'ProcessStart' OR "GENERICALERT_1"."ALERTID"=N'ProcessStop' OR "GENERICALERT_1"."ALERTID"=N'ProcessWarning')
 

rpt2003-09-031.rpt - Machine Audit - Process Audit - Process Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "PROCESSAUDIT_1"."SOURCEACCOUNT", "PROCESSAUDIT_1"."SOURCEDOMAIN", "PROCESSAUDIT_1"."SOURCELOGONID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."PROCESSAUDIT" "PROCESSAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="PROCESSAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ProcessAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-032.rpt - Machine Audit - Process Audit - Process Info
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "PROCESSAUDIT_1"."SOURCEACCOUNT", "PROCESSAUDIT_1"."SOURCEDOMAIN", "PROCESSAUDIT_1"."SOURCELOGONID", "UNIQUENODEIDENTIFIER_1"."NAME", "PROCESSINFO_1"."EVENTMESSAGE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."PROCESSAUDIT" "PROCESSAUDIT_1", "PUBLIC"."PUBLIC"."PROCESSINFO" "PROCESSINFO_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("PROCESSAUDIT_1"."UUID_"="PROCESSINFO_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="PROCESSAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ProcessInfo' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-033.rpt - Machine Audit - Process Audit - Process Start
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "PROCESSAUDIT_1"."SOURCEACCOUNT", "PROCESSAUDIT_1"."SOURCEDOMAIN", "PROCESSAUDIT_1"."SOURCELOGONID", "UNIQUENODEIDENTIFIER_1"."NAME", "PROCESSSTART_1"."IMAGEFILE", "PROCESSSTART_1"."PARENTPID" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."PROCESSAUDIT" "PROCESSAUDIT_1", "PUBLIC"."PUBLIC"."PROCESSSTART" "PROCESSSTART_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("PROCESSAUDIT_1"."UUID_"="PROCESSSTART_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="PROCESSAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ProcessStart' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-034.rpt - Machine Audit - Process Audit - Process Stop
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "PROCESSAUDIT_1"."SOURCEACCOUNT", "PROCESSAUDIT_1"."SOURCEDOMAIN", "PROCESSAUDIT_1"."SOURCELOGONID", "UNIQUENODEIDENTIFIER_1"."NAME", "PROCESSSTOP_1"."STOPCONDITION", "PROCESSSTOP_1"."EVENTMESSAGE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."PROCESSAUDIT" "PROCESSAUDIT_1", "PUBLIC"."PUBLIC"."PROCESSSTOP" "PROCESSSTOP_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("PROCESSAUDIT_1"."UUID_"="PROCESSSTOP_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="PROCESSAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ProcessStop' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-035.rpt - Machine Audit - Process Audit - Process Warning
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "PROCESSAUDIT_1"."SOURCEACCOUNT", "PROCESSAUDIT_1"."SOURCEDOMAIN", "PROCESSAUDIT_1"."SOURCELOGONID", "UNIQUENODEIDENTIFIER_1"."NAME", "PROCESSWARNING_1"."EVENTMESSAGE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."PROCESSAUDIT" "PROCESSAUDIT_1", "PUBLIC"."PUBLIC"."PROCESSWARNING" "PROCESSWARNING_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("PROCESSAUDIT_1"."UUID_"="PROCESSWARNING_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="PROCESSAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ProcessWarning' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-040.rpt - Machine Audit - Service Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "SERVICEAUDIT_1"."SERVICENAME", "SERVICEAUDIT_1"."SOURCEACCOUNT", "SERVICEAUDIT_1"."SOURCEDOMAIN", "SERVICESTART_1"."STARTMESSAGE", "SERVICESTOP_1"."STOPCONDITION", "SERVICESTOP_1"."STOPMESSAGE", "SERVICEWARNING_1"."WARNINGMESSAGE", "SERVICEINFO_1"."INFOMESSAGE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."SERVICEAUDIT" "SERVICEAUDIT_1", "PUBLIC"."PUBLIC"."SERVICEWARNING" "SERVICEWARNING_1", "PUBLIC"."PUBLIC"."SERVICESTOP" "SERVICESTOP_1", "PUBLIC"."PUBLIC"."SERVICESTART" "SERVICESTART_1", "PUBLIC"."PUBLIC"."SERVICEINFO" "SERVICEINFO_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("SERVICEAUDIT_1"."UUID_"="SERVICEWARNING_1"."UUID_") AND ("SERVICEAUDIT_1"."UUID_"="SERVICESTOP_1"."UUID_") AND ("SERVICEAUDIT_1"."UUID_"="SERVICESTART_1"."UUID_") AND ("SERVICEAUDIT_1"."UUID_"="SERVICEINFO_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="SERVICEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ServiceAudit' OR "GENERICALERT_1"."ALERTID"=N'ServiceInfo' OR "GENERICALERT_1"."ALERTID"=N'ServiceStart' OR "GENERICALERT_1"."ALERTID"=N'ServiceStop' OR "GENERICALERT_1"."ALERTID"=N'ServiceWarning') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-041.rpt - Machine Audit - Service Audit - Service Info
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "SERVICEAUDIT_1"."SERVICENAME", "SERVICEAUDIT_1"."SOURCEACCOUNT", "SERVICEAUDIT_1"."SOURCEDOMAIN", "SERVICEINFO_1"."INFOMESSAGE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."SERVICEAUDIT" "SERVICEAUDIT_1", "PUBLIC"."PUBLIC"."SERVICEINFO" "SERVICEINFO_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("SERVICEAUDIT_1"."UUID_"="SERVICEINFO_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="SERVICEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ServiceInfo' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-042.rpt - Machine Audit - Service Audit - Service Start
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "SERVICEAUDIT_1"."SERVICENAME", "SERVICEAUDIT_1"."SOURCEACCOUNT", "SERVICEAUDIT_1"."SOURCEDOMAIN", "UNIQUENODEIDENTIFIER_1"."NAME", "SERVICESTART_1"."STARTMESSAGE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."SERVICEAUDIT" "SERVICEAUDIT_1", "PUBLIC"."PUBLIC"."SERVICESTART" "SERVICESTART_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("SERVICEAUDIT_1"."UUID_"="SERVICESTART_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="SERVICEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ServiceStart' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-043.rpt - Machine Audit - Service Audit - Service Stop
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "SERVICEAUDIT_1"."SERVICENAME", "SERVICEAUDIT_1"."SOURCEACCOUNT", "SERVICEAUDIT_1"."SOURCEDOMAIN", "UNIQUENODEIDENTIFIER_1"."NAME", "SERVICESTOP_1"."STOPCONDITION", "SERVICESTOP_1"."STOPMESSAGE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."SERVICEAUDIT" "SERVICEAUDIT_1", "PUBLIC"."PUBLIC"."SERVICESTOP" "SERVICESTOP_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("SERVICEAUDIT_1"."UUID_"="SERVICESTOP_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="SERVICEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ServiceStop' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-044.rpt - Machine Audit - Service Audit - Service Warning
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "SERVICEAUDIT_1"."SERVICENAME", "SERVICEAUDIT_1"."SOURCEACCOUNT", "SERVICEAUDIT_1"."SOURCEDOMAIN", "UNIQUENODEIDENTIFIER_1"."NAME", "SERVICEWARNING_1"."WARNINGMESSAGE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."SERVICEAUDIT" "SERVICEAUDIT_1", "PUBLIC"."PUBLIC"."SERVICEWARNING" "SERVICEWARNING_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("SERVICEAUDIT_1"."UUID_"="SERVICEWARNING_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="SERVICEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ServiceWarning' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-09-050.rpt - Machine Audit - USB Defender
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "SYSTEMSTATUS_1"."SOURCEACCOUNT", "SYSTEMSTATUS_1"."SOURCEDOMAIN", "SYSTEMSTATUS_1"."STATUSLEVEL", "SYSTEMSTATUS_1"."STATUSMESSAGE", "UNIQUENODEIDENTIFIER_1"."NAME", "FILEAUDIT_1"."SOURCEACCOUNT", "FILEAUDIT_1"."SOURCEDOMAIN", "FILEAUDIT_1"."FILENAME", "FILEAUDIT_1"."OPERATIONTYPE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."FILEAUDIT" "FILEAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."SYSTEMSTATUS" "SYSTEMSTATUS_1" WHERE ("GENERICALERT_1"."UUID_"="FILEAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="SYSTEMSTATUS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'FileAttributeChange' OR "GENERICALERT_1"."ALERTID"=N'FileCreate' OR "GENERICALERT_1"."ALERTID"=N'FileDelete' OR "GENERICALERT_1"."ALERTID"=N'FileExecute' OR "GENERICALERT_1"."ALERTID"=N'FileWrite' OR "GENERICALERT_1"."ALERTID"=N'SystemStatus') AND "GENERICALERT_1"."PROVIDERSID" LIKE N'%USB-Defender%' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-10-00.rpt - Console - Overview
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."SEVERITY" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1" WHERE ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."DETECTIONIP" LIKE N'%' AND "GENERICALERT_1"."ALERTID" LIKE N'%'
 

rpt2003-10.rpt - Console
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-00.rpt - Network Events: Attack Behavior
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'Access' OR "GENERICALERT_1"."ALERTID"=N'Denial' OR "GENERICALERT_1"."ALERTID"=N'NetworkAttack' OR "GENERICALERT_1"."ALERTID"=N'Relay') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-01.rpt - Network Events: Attack Behavior - Access - Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'Access' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-02.rpt - Network Events: Attack Behavior - Access - Application Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ApplicationAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-03.rpt - Network Events: Attack Behavior - Access - Configuration Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ConfigurationAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-04.rpt - Network Events: Attack Behavior - Access - Core Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'CoreAccess' OR "GENERICALERT_1"."ALERTID"=N'ICMPRedirectAccess' OR "GENERICALERT_1"."ALERTID"=N'IPFragmentationAccess' OR "GENERICALERT_1"."ALERTID"=N'IPSourceRouteAccess' OR "GENERICALERT_1"."ALERTID"=N'IPSpoofAccess' OR "GENERICALERT_1"."ALERTID"=N'TCPHijackAccess' OR "GENERICALERT_1"."ALERTID"=N'TCPTunnelingAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-05.rpt - Network Events: Attack Behavior - Access - Database Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DataBaseAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-06.rpt - Network Events: Attack Behavior - Access - File System Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'FileSystemAccess' OR "GENERICALERT_1"."ALERTID"=N'NFSAccess' OR "GENERICALERT_1"."ALERTID"=N'SMBAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-07.rpt - Network Events: Attack Behavior - Access - File Transfer Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME", "FTPFILEACCESS_1"."FILENAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."FTPFILEACCESS" "FTPFILEACCESS_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("NETWORKATTACK_1"."UUID_"="FTPFILEACCESS_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'FileTransferAccess' OR "GENERICALERT_1"."ALERTID"=N'FTPCommandAccess' OR "GENERICALERT_1"."ALERTID"=N'FTPFileAccess' OR "GENERICALERT_1"."ALERTID"=N'FTPInvalidFormatAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-08.rpt - Network Events: Attack Behavior - Access - Link Control Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'LinkControlAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-09.rpt - Network Events: Attack Behavior - Access - Mail Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'MailAccess' OR "GENERICALERT_1"."ALERTID"=N'MailDeliveryAccess' OR "GENERICALERT_1"."ALERTID"=N'MailServiceAccess' OR "GENERICALERT_1"."ALERTID"=N'MailTransferAccess' OR "GENERICALERT_1"."ALERTID"=N'MajordomoAccess' OR "GENERICALERT_1"."ALERTID"=N'SmailAccess' OR "GENERICALERT_1"."ALERTID"=N'SMTPCommandAccess' OR "GENERICALERT_1"."ALERTID"=N'SMTPInvalidFormatAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-10.rpt - Network Events: Attack Behavior - Access - Naming Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NamingAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-11.rpt - Network Events: Attack Behavior - Access - News Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewsAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-12.rpt - Network Events: Attack Behavior - Access - Point to Point Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'PointToPointAccess' OR "GENERICALERT_1"."ALERTID"=N'PPTPSpoof') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-13.rpt - Network Events: Attack Behavior - Access - Printer Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'PrinterAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-14.rpt - Network Events: Attack Behavior - Access - Remote Console Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'RemoteConsoleAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-15.rpt - Network Events: Attack Behavior - Access - Remote Procedure Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'RemoteProcedureAccess' OR "GENERICALERT_1"."ALERTID"=N'RPCPortmapperAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-16.rpt - Network Events: Attack Behavior - Access - Routing Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'MalformedRIPAccess' OR "GENERICALERT_1"."ALERTID"=N'RoutingAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-17.rpt - Network Events: Attack Behavior - Access - Time Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'TimeAccess' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-18.rpt - Network Events: Attack Behavior - Access - Web Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'FraudulentCertificateAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPAdministrationAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPApplicationAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPClientAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPDynamicContentAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPFileRequestAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPInvalidFormatAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPServerAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPServiceAccess' OR "GENERICALERT_1"."ALERTID"=N'ProhibitedHTTPControlAccess' OR "GENERICALERT_1"."ALERTID"=N'WebAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11-19.rpt - Network Events: Attack Behavior - Access - Virus Traffic Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'TrojanCommandAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanInfectionAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanTrafficAccess' OR "GENERICALERT_1"."ALERTID"=N'VirusTrafficAccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-11.rpt - Network Events: Attack Behavior - Access
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "FTPFILEACCESS_1"."FILENAME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."FTPFILEACCESS" "FTPFILEACCESS_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("NETWORKATTACK_1"."UUID_"="FTPFILEACCESS_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'Access' OR "GENERICALERT_1"."ALERTID"=N'ApplicationAccess' OR "GENERICALERT_1"."ALERTID"=N'ConfigurationAccess' OR "GENERICALERT_1"."ALERTID"=N'CoreAccess' OR "GENERICALERT_1"."ALERTID"=N'DataBaseAccess' OR "GENERICALERT_1"."ALERTID"=N'FileSystemAccess' OR "GENERICALERT_1"."ALERTID"=N'FileTransferAccess' OR "GENERICALERT_1"."ALERTID"=N'FraudulentCertificateAccess' OR "GENERICALERT_1"."ALERTID"=N'FTPCommandAccess' OR "GENERICALERT_1"."ALERTID"=N'FTPFileAccess' OR "GENERICALERT_1"."ALERTID"=N'FTPInvalidFormatAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPAdministrationAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPApplicationAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPClientAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPDynamicContentAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPFileRequestAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPInvalidFormatAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPServerAccess' OR "GENERICALERT_1"."ALERTID"=N'HTTPServiceAccess' OR "GENERICALERT_1"."ALERTID"=N'ICMPRedirectAccess' OR "GENERICALERT_1"."ALERTID"=N'IPFragmentationAccess' OR "GENERICALERT_1"."ALERTID"=N'IPSourceRouteAccess' OR "GENERICALERT_1"."ALERTID"=N'IPSpoofAccess' OR "GENERICALERT_1"."ALERTID"=N'LinkControlAccess' OR "GENERICALERT_1"."ALERTID"=N'MailAccess' OR "GENERICALERT_1"."ALERTID"=N'MailDeliveryAccess' OR "GENERICALERT_1"."ALERTID"=N'MailServiceAccess' OR "GENERICALERT_1"."ALERTID"=N'MailTransferAccess' OR "GENERICALERT_1"."ALERTID"=N'MajordomoAccess' OR "GENERICALERT_1"."ALERTID"=N'MalformedRIPAccess' OR "GENERICALERT_1"."ALERTID"=N'NamingAccess' OR "GENERICALERT_1"."ALERTID"=N'NewsAccess' OR "GENERICALERT_1"."ALERTID"=N'NFSAccess' OR "GENERICALERT_1"."ALERTID"=N'PointToPointAccess' OR "GENERICALERT_1"."ALERTID"=N'PPTPSpoof' OR "GENERICALERT_1"."ALERTID"=N'PrinterAccess' OR "GENERICALERT_1"."ALERTID"=N'ProhibitedHTTPControlAccess' OR "GENERICALERT_1"."ALERTID"=N'RemoteConsoleAccess' OR "GENERICALERT_1"."ALERTID"=N'RemoteProcedureAccess' OR "GENERICALERT_1"."ALERTID"=N'RoutingAccess' OR "GENERICALERT_1"."ALERTID"=N'RPCPortmapperAccess' OR "GENERICALERT_1"."ALERTID"=N'SmailAccess' OR "GENERICALERT_1"."ALERTID"=N'SMBAccess' OR "GENERICALERT_1"."ALERTID"=N'SMTPCommandAccess' OR "GENERICALERT_1"."ALERTID"=N'SMTPInvalidFormatAccess' OR "GENERICALERT_1"."ALERTID"=N'TCPHijackAccess' OR "GENERICALERT_1"."ALERTID"=N'TCPTunnelingAccess' OR "GENERICALERT_1"."ALERTID"=N'TimeAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanCommandAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanInfectionAccess' OR "GENERICALERT_1"."ALERTID"=N'TrojanTrafficAccess' OR "GENERICALERT_1"."ALERTID"=N'VirusTrafficAccess' OR "GENERICALERT_1"."ALERTID"=N'WebAccess')
 

rpt2003-12-01.rpt - Network Events: Attack Behavior - Denial / Relay - Application Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ApplicationDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-02.rpt - Network Events: Attack Behavior - Denial / Relay - Configuration Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ConfigurationDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-03.rpt - Network Events: Attack Behavior - Denial / Relay - Core Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChargenDenial' OR "GENERICALERT_1"."ALERTID"=N'CoreDenial' OR "GENERICALERT_1"."ALERTID"=N'ICMPFloodDenial' OR "GENERICALERT_1"."ALERTID"=N'ICMPFragmentationDenial' OR "GENERICALERT_1"."ALERTID"=N'ICMPSourceQuenchDenial' OR "GENERICALERT_1"."ALERTID"=N'IPFloodDenial' OR "GENERICALERT_1"."ALERTID"=N'IPFragmentationDenial' OR "GENERICALERT_1"."ALERTID"=N'LandAttackDenial' OR "GENERICALERT_1"."ALERTID"=N'MailSpamDenial' OR "GENERICALERT_1"."ALERTID"=N'PingOfDeathDenial' OR "GENERICALERT_1"."ALERTID"=N'SmurfDenial' OR "GENERICALERT_1"."ALERTID"=N'SnorkDenial' OR "GENERICALERT_1"."ALERTID"=N'SYNFloodDenial' OR "GENERICALERT_1"."ALERTID"=N'TeardropDenial' OR "GENERICALERT_1"."ALERTID"=N'TrojanTrafficDenial' OR "GENERICALERT_1"."ALERTID"=N'UDPBombDenial') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-04.rpt - Network Events: Attack Behavior - Denial / Relay - Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'Denial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-05.rpt - Network Events: Attack Behavior - Denial / Relay - File System Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileSystemDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-06.rpt - Network Events: Attack Behavior - Denial / Relay - File Transfer Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'FileTransferDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-07.rpt - Network Events: Attack Behavior - Denial / Relay - Link Control Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'LinkControlDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-08.rpt - Network Events: Attack Behavior - Denial / Relay - Mail Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'MailDenial' OR "GENERICALERT_1"."ALERTID"=N'MailServiceDenial') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-09.rpt - Network Events: Attack Behavior - Denial / Relay - Relay
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'DDOSToolRelay' OR "GENERICALERT_1"."ALERTID"=N'FileTransferRelay' OR "GENERICALERT_1"."ALERTID"=N'FTPBounce' OR "GENERICALERT_1"."ALERTID"=N'Relay') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-10.rpt - Network Events: Attack Behavior - Denial / Relay - Remote Procedure Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'RemoteProcedureDenial' OR "GENERICALERT_1"."ALERTID"=N'RPCPortmapperDenial') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-11.rpt - Network Events: Attack Behavior - Denial / Relay - Routing Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'RoutingDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12-12.rpt - Network Events: Attack Behavior - Denial / Relay - Web Denial
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'WebDenial' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2003-12.rpt - Network Events: Attack Behavior - Denial / Relay
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "NETWORKATTACK_1"."SOURCEMACHINE", "NETWORKATTACK_1"."DESTINATIONMACHINE", "NETWORKATTACK_1"."SOURCEPORT", "NETWORKATTACK_1"."DESTINATIONPORT", "NETWORKATTACK_1"."ALERTACTIVITYTYPE", "NETWORKATTACK_1"."PROTOCOL", "NETWORKATTACK_1"."INTERFACE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKATTACK" "NETWORKATTACK_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKATTACK_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ApplicationDenial' OR "GENERICALERT_1"."ALERTID"=N'ChargenDenial' OR "GENERICALERT_1"."ALERTID"=N'ConfigurationDenial' OR "GENERICALERT_1"."ALERTID"=N'CoreDenial' OR "GENERICALERT_1"."ALERTID"=N'DDOSToolRelay' OR "GENERICALERT_1"."ALERTID"=N'Denial' OR "GENERICALERT_1"."ALERTID"=N'FileSystemDenial' OR "GENERICALERT_1"."ALERTID"=N'FileTransferDenial' OR "GENERICALERT_1"."ALERTID"=N'FileTransferRelay' OR "GENERICALERT_1"."ALERTID"=N'FTPBounce' OR "GENERICALERT_1"."ALERTID"=N'ICMPFloodDenial' OR "GENERICALERT_1"."ALERTID"=N'ICMPFragmentationDenial' OR "GENERICALERT_1"."ALERTID"=N'ICMPSourceQuenchDenial' OR "GENERICALERT_1"."ALERTID"=N'IPFloodDenial' OR "GENERICALERT_1"."ALERTID"=N'IPFragmentationDenial' OR "GENERICALERT_1"."ALERTID"=N'LandAttackDenial' OR "GENERICALERT_1"."ALERTID"=N'LinkControlDenial' OR "GENERICALERT_1"."ALERTID"=N'MailDenial' OR "GENERICALERT_1"."ALERTID"=N'MailServiceDenial' OR "GENERICALERT_1"."ALERTID"=N'MailSpamDenial' OR "GENERICALERT_1"."ALERTID"=N'PingOfDeathDenial' OR "GENERICALERT_1"."ALERTID"=N'Relay' OR "GENERICALERT_1"."ALERTID"=N'RemoteProcedureDenial' OR "GENERICALERT_1"."ALERTID"=N'RoutingDenial' OR "GENERICALERT_1"."ALERTID"=N'RPCPortmapperDenial' OR "GENERICALERT_1"."ALERTID"=N'SmurfDenial' OR "GENERICALERT_1"."ALERTID"=N'SnorkDenial' OR "GENERICALERT_1"."ALERTID"=N'SYNFloodDenial' OR "GENERICALERT_1"."ALERTID"=N'TeardropDenial' OR "GENERICALERT_1"."ALERTID"=N'TrojanTrafficDenial' OR "GENERICALERT_1"."ALERTID"=N'UDPBombDenial' OR "GENERICALERT_1"."ALERTID"=N'WebDenial')
 

rpt2003-13.rpt - Tool Maintenance by Provider
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."PROVIDERSID" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."DETECTIONTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."DETECTIONTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'InternalNewToolData'
 

rpt2003-14.rpt - Tool Maintenance by Alias
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "UNIQUENODEIDENTIFIER_1"."NAME", "GENERICALERT_1"."TOOLALIAS" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."DETECTIONTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."DETECTIONTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'InternalNewToolData'
 

rpt2003-15.rpt - Tool Maintenance by Insertion Point
 

SELECT "GENERICALERT_1"."DETECTIONTIME", "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."DETECTIONTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."DETECTIONTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'InternalNewToolData'
 

rpt2003-18.rpt - SolarWinds Actions
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'InternalCommands'
 

rpt2006-19.rpt - Incident Alerts
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "HYBRIDINCIDENT_1"."SOURCEMACHINE", "HYBRIDINCIDENT_1"."DESTINATIONMACHINE", "HYBRIDINCIDENT_1"."SOURCEACCOUNT", "HYBRIDINCIDENT_1"."SOURCEDOMAIN", "HYBRIDINCIDENT_1"."DESTINATIONACCOUNT", "HYBRIDINCIDENT_1"."DESTINATIONDOMAIN", "HYBRIDINCIDENT_1"."ACCESSREQUESTED", "HYBRIDINCIDENT_1"."OBJECTNAME", "HOSTINCIDENT_1"."SOURCEMACHINE", "HOSTINCIDENT_1"."DESTINATIONMACHINE", "HOSTINCIDENT_1"."SOURCEACCOUNT", "HOSTINCIDENT_1"."SOURCEDOMAIN", "HOSTINCIDENT_1"."DESTINATIONACCOUNT", "HOSTINCIDENT_1"."DESTINATIONDOMAIN", "HOSTINCIDENT_1"."ACCESSREQUESTED", "HOSTINCIDENT_1"."OBJECTNAME", "NETWORKINCIDENT_1"."SOURCEMACHINE", "NETWORKINCIDENT_1"."DESTINATIONMACHINE", "NETWORKINCIDENT_1"."SOURCEPORT", "NETWORKINCIDENT_1"."DESTINATIONPORT", "NETWORKINCIDENT_1"."ALERTACTIVITYTYPE", "NETWORKINCIDENT_1"."PROTOCOL", "NETWORKINCIDENT_1"."INTERFACE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."NETWORKINCIDENT" "NETWORKINCIDENT_1", "PUBLIC"."PUBLIC"."HOSTINCIDENT" "HOSTINCIDENT_1", "PUBLIC"."PUBLIC"."HYBRIDINCIDENT" "HYBRIDINCIDENT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="NETWORKINCIDENT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="HOSTINCIDENT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="HYBRIDINCIDENT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'HostIncident' OR "GENERICALERT_1"."ALERTID"=N'HybridIncident' OR "GENERICALERT_1"."ALERTID"=N'Incident' OR "GENERICALERT_1"."ALERTID"=N'NetworkIncident') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-1.rpt - Change Management - General Authentication: Domain Events - Domain Auth Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DomainAuthAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-2.rpt - Change Management - General Authentication: Domain Events - New Domain Member
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-3.rpt - Change Management - General Authentication: Domain Events - Delete Domain Member
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-4.rpt - Change Management - General Authentication: Domain Events - Change Domain Member
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-5.rpt - Change Management - General Authentication: Domain Events - Domain Member Alias
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DomainMemberAlias' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-6.rpt - Change Management - General Authentication: Domain Events - New Domain
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewDomain' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-7.rpt - Change Management - General Authentication: Domain Events - Change Domain Attribute
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ChangeDomainAttribute' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01-8.rpt - Change Management - General Authentication: Domain Events - Delete Domain
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteDomain' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-01.rpt - Change Management - General Authentication: Domain Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeDomainAttribute' OR "GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomain' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DomainAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'DomainMemberAlias' OR "GENERICALERT_1"."ALERTID"=N'NewDomain' OR "GENERICALERT_1"."ALERTID"=N'NewDomainMember') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-02-1.rpt - Change Management - General Authentication: Group Events - Group Audit
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'GroupAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-02-2.rpt - Change Management - General Authentication: Group Events - New Group Member
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewGroupMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-02-3.rpt - Change Management - General Authentication: Group Events - Delete Group Member
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-02-4.rpt - Change Management - General Authentication: Group Events - New Group
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewGroup' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-02-5.rpt - Change Management - General Authentication: Group Events - Delete Group
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteGroup' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-02-6.rpt - Change Management - General Authentication: Group Events - Change Group Attribute
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'ChangeGroupAttribute' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-02.rpt - Change Management - General Authentication: Group Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeGroupAttribute' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroup' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' OR "GENERICALERT_1"."ALERTID"=N'GroupAudit' OR "GENERICALERT_1"."ALERTID"=N'NewGroup' OR "GENERICALERT_1"."ALERTID"=N'NewGroupMember') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-03-1.rpt - Change Management - General Authentication: Machine Account Events - Machine Enabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'MachineEnable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-03-2.rpt - Change Management - General Authentication: Machine Account Events - Machine Modify Attributes
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'MachineModifyAttribute' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-03-3.rpt - Change Management - General Authentication: Machine Account Events - Machine Disabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'MachineDisable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-03.rpt - Change Management - General Authentication: Machine Account Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'MachineDisable' OR "GENERICALERT_1"."ALERTID"=N'MachineEnable' OR "GENERICALERT_1"."ALERTID"=N'MachineModifyAttribute') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-04-1.rpt - Change Management - General Authentication: User Account Events - User Enabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserEnable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-04-2.rpt - Change Management - General Authentication: User Account Events - User Modify Attributes
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserModifyAttribute' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-04-3.rpt - Change Management - General Authentication: User Account Events - User Disabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'UserDisable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20-04.rpt - Change Management - General Authentication: User Account Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'UserDisable' OR "GENERICALERT_1"."ALERTID"=N'UserEnable' OR "GENERICALERT_1"."ALERTID"=N'UserModifyAttribute') ORDER BY "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-20.rpt - Change Management - General Authentication
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DOMAINAUTHAUDIT_1"."DESTINATIONDOMAINTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "AUTHAUDIT_1"."PRIVILEGESEXERCISED", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."DOMAINAUTHAUDIT" "DOMAINAUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="DOMAINAUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeDomainAttribute' OR "GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' OR "GENERICALERT_1"."ALERTID"=N'ChangeGroupAttribute' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomain' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroup' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' OR "GENERICALERT_1"."ALERTID"=N'DomainAuthAudit' OR "GENERICALERT_1"."ALERTID"=N'DomainMemberAlias' OR "GENERICALERT_1"."ALERTID"=N'GroupAudit' OR "GENERICALERT_1"."ALERTID"=N'MachineDisable' OR "GENERICALERT_1"."ALERTID"=N'MachineEnable' OR "GENERICALERT_1"."ALERTID"=N'MachineModifyAttribute' OR "GENERICALERT_1"."ALERTID"=N'NewDomain' OR "GENERICALERT_1"."ALERTID"=N'NewDomainMember' OR "GENERICALERT_1"."ALERTID"=N'NewGroup' OR "GENERICALERT_1"."ALERTID"=N'NewGroupMember' OR "GENERICALERT_1"."ALERTID"=N'UserDisable' OR "GENERICALERT_1"."ALERTID"=N'UserEnable' OR "GENERICALERT_1"."ALERTID"=N'UserModifyAttribute')
 

rpt2006-21.rpt - Change Management - Network Infrastructure: Policy/View Change
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "POLICYMODIFY_1"."CHANGEDETAILS", "POLICYACCESS_1"."SOURCEACCOUNT", "POLICYACCESS_1"."SOURCEDOMAIN", "POLICYACCESS_1"."SOURCELOGONID", "POLICYACCESS_1"."DESTINATIONDOMAINID", "POLICYACCESS_1"."SOURCEMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."POLICYACCESS" "POLICYACCESS_1", "PUBLIC"."PUBLIC"."POLICYMODIFY" "POLICYMODIFY_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("POLICYACCESS_1"."UUID_"="POLICYMODIFY_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="POLICYACCESS_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'PolicyModify' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-22-01.rpt - Change Management - Windows/Active Directory Domains: Group Created
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewGroup' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-22-02.rpt - Change Management - Windows/Active Directory Domains: Group Deleted
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteGroup' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-22-03.rpt - Change Management - Windows/Active Directory Domains: Group Property Updated
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeGroupAttribute' OR "GENERICALERT_1"."ALERTID"=N'ObjectAudit') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-22-04.rpt - Change Management - Windows/Active Directory Domains: New Critical Group Members
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("AUTHAUDIT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewGroupMember' AND "NEWGROUPMEMBER_1"."MEMBERID" NOT LIKE N'%$' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-22.rpt - Change Management - Windows/Active Directory Domains: Group Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNTTYPE", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GROUPAUDIT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeGroupAttribute' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroup' OR "GENERICALERT_1"."ALERTID"=N'NewGroup' OR "GENERICALERT_1"."ALERTID"=N'NewGroupMember' OR "GENERICALERT_1"."ALERTID"=N'ObjectAudit') AND ("GENERICALERT_1"."EVENTINFO" LIKE N'G%' OR "GENERICALERT_1"."EVENTINFO" LIKE N'W%' OR "GENERICALERT_1"."EVENTINFO" LIKE N'M%')
 

rpt2006-23-01.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Account Created
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "NEWDOMAINMEMBER_1"."DOMAINMEMBER", "NEWDOMAINMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."NEWDOMAINMEMBER" "NEWDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("AUTHAUDIT_1"."UUID_"="NEWDOMAINMEMBER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'NewDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-02.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Account Deleted
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "DELETEDOMAINMEMBER_1"."DOMAINMEMBER", "DELETEDOMAINMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."DELETEDOMAINMEMBER" "DELETEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("DELETEDOMAINMEMBER_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="DELETEDOMAINMEMBER_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-03.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Account Disabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 12:04:42' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 12:04:43' ) AND "GENERICALERT_1"."ALERTID"=N'MachineDisable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-04.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Account Enabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'MachineEnable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-05.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Account Properties Update
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "CHANGEDOMAINMEMBER_1"."DOMAINMEMBER", "CHANGEDOMAINMEMBER_1"."MEMBERID", "CHANGEDOMAINMEMBER_1"."CHANGETYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."CHANGEDOMAINMEMBER" "CHANGEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("CHANGEDOMAINMEMBER_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="CHANGEDOMAINMEMBER_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' AND "AUTHAUDIT_1"."DESTINATIONACCOUNT" LIKE N'%$' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-06.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Added To Group
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("NEWGROUPMEMBER_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'NewGroupMember' AND "NEWGROUPMEMBER_1"."MEMBERID" LIKE N'%$' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-07.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Added To OU
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-08.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Removed From Group
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "DELETEGROUPMEMBER_1"."MEMBERID", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."DELETEGROUPMEMBER" "DELETEGROUPMEMBER_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="DELETEGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' AND "DELETEGROUPMEMBER_1"."MEMBERID" LIKE N'%$' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-23-09.rpt - Change Management - Windows/Active Directory Domains: Machine Events - Removed From OU
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-24-01.rpt - Change Management - Windows/Active Directory Domains: OU Events - OU Created
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("OBJECTAUDIT_1"."UUID_"="GENERICALERT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-24-02.rpt - Change Management - Windows/Active Directory Domains: OU Events - OU Deleted
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("OBJECTAUDIT_1"."UUID_"="GENERICALERT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-24-03.rpt - Change Management - Windows/Active Directory Domains: OU Events - OU Properties Update
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("OBJECTAUDIT_1"."UUID_"="GENERICALERT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-24.rpt - Change Management - Windows/Active Directory Domains: OU Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit'
 

rpt2006-25-01.rpt - Change Management - Windows/Active Directory Domains: User Events - Account Created
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "NEWDOMAINMEMBER_1"."DOMAINMEMBER", "NEWDOMAINMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NEWDOMAINMEMBER" "NEWDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("NEWDOMAINMEMBER_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NEWDOMAINMEMBER_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'NewDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-02.rpt - Change Management - Windows/Active Directory Domains: User Events - Account Deleted
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "DELETEDOMAINMEMBER_1"."DOMAINMEMBER", "DELETEDOMAINMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."DELETEDOMAINMEMBER" "DELETEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("DELETEDOMAINMEMBER_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="DELETEDOMAINMEMBER_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-03.rpt - Change Management - Windows/Active Directory Domains: User Events - Account Disabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'UserDisable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-04.rpt - Change Management - Windows/Active Directory Domains: User Events - Account Enabled
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'UserEnable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-05.rpt - Change Management - Windows/Active Directory Domains: User Events - Account Lockout
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'UserDisable' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-06.rpt - Change Management - Windows/Active Directory Domains: User Events - Account Properties Updated
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "CHANGEDOMAINMEMBER_1"."DOMAINMEMBER", "CHANGEDOMAINMEMBER_1"."MEMBERID", "CHANGEDOMAINMEMBER_1"."CHANGETYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."CHANGEDOMAINMEMBER" "CHANGEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("CHANGEDOMAINMEMBER_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="CHANGEDOMAINMEMBER_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-07.rpt - Change Management - Windows/Active Directory Domains: User Events - Added To Group
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("NEWGROUPMEMBER_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'NewGroupMember' AND "NEWGROUPMEMBER_1"."MEMBERID" NOT LIKE N'%$' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-08.rpt - Change Management - Windows/Active Directory Domains: User Events - Added To OU
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-09.rpt - Change Management - Windows/Active Directory Domains: User Events - Removed From Group
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "DELETEGROUPMEMBER_1"."MEMBERID", "UNIQUENODEIDENTIFIER_1"."NAME", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."DELETEGROUPMEMBER" "DELETEGROUPMEMBER_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="DELETEGROUPMEMBER_1"."UUID_") AND ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' AND "DELETEGROUPMEMBER_1"."MEMBERID" NOT LIKE N'%$' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25-10.rpt - Change Management - Windows/Active Directory Domains: User Events - Removed From OU
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND "GENERICALERT_1"."ALERTID"=N'ObjectAudit' ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-25.rpt - Change Management - Windows/Active Directory Domains: User Events
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."TOOLALIAS", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "AUTHAUDIT_1"."SOURCEACCOUNT", "AUTHAUDIT_1"."SOURCEDOMAIN", "AUTHAUDIT_1"."SOURCELOGONID", "AUTHAUDIT_1"."DESTINATIONACCOUNT", "AUTHAUDIT_1"."DESTINATIONDOMAIN", "AUTHAUDIT_1"."DESTINATIONLOGONID", "AUTHAUDIT_1"."SOURCEMACHINE", "AUTHAUDIT_1"."DESTINATIONMACHINE", "GROUPAUDIT_1"."GROUPNAME", "GROUPAUDIT_1"."GROUPTYPE", "NEWDOMAINMEMBER_1"."DOMAINMEMBER", "NEWDOMAINMEMBER_1"."MEMBERID", "DELETEDOMAINMEMBER_1"."DOMAINMEMBER", "DELETEDOMAINMEMBER_1"."MEMBERID", "CHANGEDOMAINMEMBER_1"."DOMAINMEMBER", "CHANGEDOMAINMEMBER_1"."MEMBERID", "CHANGEDOMAINMEMBER_1"."CHANGETYPE", "DELETEGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."GROUPMEMBER", "NEWGROUPMEMBER_1"."MEMBERID", "OBJECTAUDIT_1"."SOURCEACCOUNT", "OBJECTAUDIT_1"."SOURCEDOMAIN", "OBJECTAUDIT_1"."SOURCELOGONID", "OBJECTAUDIT_1"."DESTINATIONACCOUNT", "OBJECTAUDIT_1"."DESTINATIONDOMAIN", "OBJECTAUDIT_1"."DESTINATIONLOGONID", "OBJECTAUDIT_1"."ACCESSREQUESTED", "OBJECTAUDIT_1"."OBJECTTYPE", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1", "PUBLIC"."PUBLIC"."OBJECTAUDIT" "OBJECTAUDIT_1", "PUBLIC"."PUBLIC"."AUTHAUDIT" "AUTHAUDIT_1", "PUBLIC"."PUBLIC"."CHANGEDOMAINMEMBER" "CHANGEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."DELETEDOMAINMEMBER" "DELETEDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."NEWDOMAINMEMBER" "NEWDOMAINMEMBER_1", "PUBLIC"."PUBLIC"."GROUPAUDIT" "GROUPAUDIT_1", "PUBLIC"."PUBLIC"."DELETEGROUPMEMBER" "DELETEGROUPMEMBER_1", "PUBLIC"."PUBLIC"."NEWGROUPMEMBER" "NEWGROUPMEMBER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."UUID_"="OBJECTAUDIT_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="CHANGEDOMAINMEMBER_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="DELETEDOMAINMEMBER_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="NEWDOMAINMEMBER_1"."UUID_") AND ("GROUPAUDIT_1"."UUID_"="DELETEGROUPMEMBER_1"."UUID_") AND ("GROUPAUDIT_1"."UUID_"="NEWGROUPMEMBER_1"."UUID_") AND ("AUTHAUDIT_1"."UUID_"="GROUPAUDIT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="AUTHAUDIT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND ("GENERICALERT_1"."ALERTID"=N'ChangeDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DeleteDomainMember' OR "GENERICALERT_1"."ALERTID"=N'DeleteGroupMember' OR "GENERICALERT_1"."ALERTID"=N'NewDomainMember' OR "GENERICALERT_1"."ALERTID"=N'NewGroupMember' OR "GENERICALERT_1"."ALERTID"=N'ObjectAudit' OR "GENERICALERT_1"."ALERTID"=N'UserDisable' OR "GENERICALERT_1"."ALERTID"=N'UserEnable') AND ("GENERICALERT_1"."EVENTINFO" LIKE N'U%' OR "GENERICALERT_1"."EVENTINFO" LIKE N'A%' OR "GENERICALERT_1"."EVENTINFO" LIKE N'M%')
 

rpt2006-27-01.rpt - Inferred Alerts by Inference Rule
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) ORDER BY "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-27.rpt - Inferred Alerts
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."INFERENCERULE", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-31-01.rpt - Audit - Internal Audit Report
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "INTERNALAUDIT_1"."SOURCEACCOUNT", "INTERNALAUDIT_1"."SOURCEMACHINE" FROM "PUBLIC"."PUBLIC"."INTERNALAUDIT" "INTERNALAUDIT_1", "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("INTERNALAUDIT_1"."UUID_"="GENERICALERT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND ("GENERICALERT_1"."ALERTID"=N'InternalAudit' OR "GENERICALERT_1"."ALERTID"=N'InternalAuditFailure' OR "GENERICALERT_1"."ALERTID"=N'InternalAuditSuccess') ORDER BY "GENERICALERT_1"."MANAGERTIME"
 

rpt2006-31-02.rpt - Audit - Internal Audit Report by User
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."SEVERITY", "GENERICALERT_1"."PROVIDERSID", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "UNIQUENODEIDENTIFIER_1"."NAME", "INTERNALAUDIT_1"."SOURCEACCOUNT", "INTERNALAUDIT_1"."SOURCEMACHINE" FROM "PUBLIC"."PUBLIC"."INTERNALAUDIT" "INTERNALAUDIT_1", "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."UNIQUENODEIDENTIFIER" "UNIQUENODEIDENTIFIER_1" WHERE ("GENERICALERT_1"."INSERTIONIP"="UNIQUENODEIDENTIFIER_1"."UNIQUEID") AND ("INTERNALAUDIT_1"."UUID_"="GENERICALERT_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND ("GENERICALERT_1"."ALERTID"=N'InternalAudit' OR "GENERICALERT_1"."ALERTID"=N'InternalAuditFailure' OR "GENERICALERT_1"."ALERTID"=N'InternalAuditSuccess')
 

rpt2007-32.rpt - Agent Maintenance Report
 

SELECT "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME", "INTERNALDUPLICATECONNECTION_1"."AGENTADDRESS", "INTERNALINVALIDCONNECTION_1"."AGENTADDRESS", "INTERNALINVALIDINSTALLATION_1"."AGENTADDRESS", "INTERNALUNKNOWNAGENT_1"."AGENTADDRESS" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1", "PUBLIC"."PUBLIC"."INTERNALUNKNOWNAGENT" "INTERNALUNKNOWNAGENT_1", "PUBLIC"."PUBLIC"."INTERNALINVALIDCONNECTION" "INTERNALINVALIDCONNECTION_1", "PUBLIC"."PUBLIC"."INTERNALINVALIDINSTALLATION" "INTERNALINVALIDINSTALLATION_1", "PUBLIC"."PUBLIC"."INTERNALDUPLICATECONNECTION" "INTERNALDUPLICATECONNECTION_1" WHERE ("GENERICALERT_1"."UUID_"="INTERNALUNKNOWNAGENT_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="INTERNALINVALIDCONNECTION_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="INTERNALINVALIDINSTALLATION_1"."UUID_") AND ("GENERICALERT_1"."UUID_"="INTERNALDUPLICATECONNECTION_1"."UUID_") AND ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND ("GENERICALERT_1"."ALERTID"=N'InternalDuplicateConnection' OR "GENERICALERT_1"."ALERTID"=N'InternalInvalidConnection' OR "GENERICALERT_1"."ALERTID"=N'InternalInvalidInstallation' OR "GENERICALERT_1"."ALERTID"=N'InternalUnknownAgent') ORDER BY "GENERICALERT_1"."ALERTID"
 

rpt2009-33-1.rpt - Agent Connection Status
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1" WHERE ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND ("GENERICALERT_1"."ALERTID"=N'InternalAgentOffline' OR "GENERICALERT_1"."ALERTID"=N'InternalAgentOnline')
 

rpt2009-33-2.rpt - Agent Connection Status by Agent
 

SELECT "GENERICALERT_1"."EVENTINFO", "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."EXTRANEOUSINFO", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1" WHERE ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND ("GENERICALERT_1"."ALERTID"=N'InternalAgentOffline' OR "GENERICALERT_1"."ALERTID"=N'InternalAgentOnline') ORDER BY "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."MANAGERTIME"
 

rpt2009-33.rpt - Agent Connection Summary
 

SELECT "GENERICALERT_1"."DETECTIONIP", "GENERICALERT_1"."ALERTID", "GENERICALERT_1"."MANAGERTIME" FROM "PUBLIC"."PUBLIC"."GENERICALERT" "GENERICALERT_1" WHERE ("GENERICALERT_1"."MANAGERTIME">= TIMESTAMP '2012-04-16 17:59:54' AND "GENERICALERT_1"."MANAGERTIME"< TIMESTAMP '2012-04-16 17:59:55' ) AND ("GENERICALERT_1"."ALERTID"=N'InternalAgentOffline' OR "GENERICALERT_1"."ALERTID"=N'InternalAgentOnline')

 

 

 

Last modified

Tags

Classifications

Public